urlscan.io logo urlscan.io
SecurityTrails logo

3seclab.com Open in urlscan Pro
3.70.101.28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://3seclab.com/
Effective URL: https://3seclab.com/
Submission: On January 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 6 countries across 34 domains to perform 338 HTTP transactions. The main IP is 3.70.101.28, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is 3seclab.com.
TLS certificate: Issued by R3 on January 2nd 2024. Valid for: 3 months.
This is the only time 3seclab.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.192.231.252 16509 (AMAZON-02)
15 3.70.101.28 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
60 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
14 2606:50c0:800... 54113 (FASTLY)
1 21 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
5 2606:4700:e4:... 13335 (CLOUDFLAR...)
2 151.101.129.44 54113 (FASTLY)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
34 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
7 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
2 2a02:2638:3::10 44788 (ASN-CRITE...)
2 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
12 26 216.58.206.34 15169 (GOOGLE)
6 14 104.18.36.155 13335 (CLOUDFLAR...)
6 10 37.252.171.149 29990 (ASN-APPNEX)
10 2a00:1450:400... 15169 (GOOGLE)
57 2a00:1450:400... 15169 (GOOGLE)
12 2607:f8b0:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
9 142.250.184.194 15169 (GOOGLE)
1 2 54.73.100.143 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 4 3.76.149.124 16509 (AMAZON-02)
2 2 151.101.194.49 54113 (FASTLY)
1 1 18.158.149.85 16509 (AMAZON-02)
2 2 2a05:d018:d29... 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 34.150.170.96 396982 (GOOGLE-CL...)
1 18.197.244.187 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:223... 16509 (AMAZON-02)
2 142.250.186.130 15169 (GOOGLE)
6 2600:1f18:1ac... 14618 (AMAZON-AES)
5 142.250.185.98 15169 (GOOGLE)
338 44
1    18.192.231.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-231-252.eu-central-1.compute.amazonaws.com
3seclab.com
15    3.70.101.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
3seclab.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
60    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a02:26f0:7100::1720:ee90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
t1.daumcdn.net
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
1    2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.rawgit.com
4    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
14    2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)
user-images.githubusercontent.com
21    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
5    2606:4700:e4::ac40:a407 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
34    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
7    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
2    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
2    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
6    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
26    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
cm.g.doubleclick.net
14    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
10    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
10    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
57    2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    2607:f8b0:400e:c03::78 (The Dalles, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
9    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
2    54.73.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-100-143.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
4    3.76.149.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-149-124.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.158.149.85 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-149-85.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2a05:d018:d29:3601:fb9e:de5f:307d:4267 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.150.170.96 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.170.150.34.bc.googleusercontent.com
um.simpli.fi
1    18.197.244.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-244-187.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    2600:9000:223f:ba00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
6    2600:1f18:1aca:4282:d34e:2c1b:3408:57ec (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
5    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
99 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
ade.googlesyndication.com — Cisco Umbrella Rank: 356
995 KB
66 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net — Cisco Umbrella Rank: 260
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 594
571 KB
57 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 336
20 MB
19 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
63 KB
16 3seclab.com
3seclab.com
16 KB
14 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622
8 KB
14 githubusercontent.com
user-images.githubusercontent.com — Cisco Umbrella Rank: 12090
2 MB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 1004
static.adsafeprotected.com — Cisco Umbrella Rank: 721
dt.adsafeprotected.com — Cisco Umbrella Rank: 719
120 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386
csm.eu.criteo.net — Cisco Umbrella Rank: 8850
79 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 253
9 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 230
389 KB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1448
ka-f.fontawesome.com — Cisco Umbrella Rank: 3140
176 KB
5 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 369
fonts.googleapis.com — Cisco Umbrella Rank: 28
87 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
4 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
579 B
4 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 8778
gum.criteo.com — Cisco Umbrella Rank: 423
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457
48 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
15 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
472 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
313 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
22 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 874
s.tribalfusion.com — Cisco Umbrella Rank: 2405
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 495
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 716
990 B
2 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1024
218 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
146 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 856
758 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
463 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1375
204 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 776
785 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3445
104 B
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 11673
723 B
1 daumcdn.net
t1.daumcdn.net — Cisco Umbrella Rank: 22093
54 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
87 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
338 34
Domain Requested by
60 pagead2.googlesyndication.com 3seclab.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
s0.2mdn.net
57 s0.2mdn.net 3seclab.com
s0.2mdn.net
googleads.g.doubleclick.net
34 tpc.googlesyndication.com googleads.g.doubleclick.net
3seclab.com
tpc.googlesyndication.com
s0.2mdn.net
pagead2.googlesyndication.com
26 cm.g.doubleclick.net 12 redirects googleads.g.doubleclick.net
3seclab.com
21 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
3seclab.com
16 3seclab.com 1 redirects 3seclab.com
14 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
14 user-images.githubusercontent.com 3seclab.com
12 csi.gstatic.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
10 securepubads.g.doubleclick.net googleads.g.doubleclick.net
s0.2mdn.net
10 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
9 googleads4.g.doubleclick.net 3seclab.com
7 static.criteo.net ads.eu.criteo.com
6 dt.adsafeprotected.com googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
6 www.googletagservices.com googleads.g.doubleclick.net
3seclab.com
5 ade.googlesyndication.com 3seclab.com
5 ka-f.fontawesome.com kit.fontawesome.com
3seclab.com
4 static.adsafeprotected.com googleads.g.doubleclick.net
srcdoc
4 pm.w55c.net 4 redirects
4 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 cdnjs.cloudflare.com 3seclab.com
cdnjs.cloudflare.com
4 cdn.jsdelivr.net 3seclab.com
cdn.jsdelivr.net
4 fonts.googleapis.com 3seclab.com
googleads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
2 www.googleadservices.com 3seclab.com
2 pr-bh.ybp.yahoo.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 fw.adsafeprotected.com 1 redirects 3seclab.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 imageproxy.eu.criteo.net ads.eu.criteo.com
2 cdn.taboola.com 3seclab.com
cdn.taboola.com
1 fonts.gstatic.com fonts.googleapis.com
1 x.bidswitch.net googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com 3seclab.com
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 gum.criteo.com cdn.taboola.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 cdn.rawgit.com 1 redirects
1 kit.fontawesome.com 3seclab.com
1 t1.daumcdn.net 3seclab.com
1 ajax.googleapis.com 3seclab.com
1 www.googletagmanager.com 3seclab.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
338 51

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
Subject Issuer Validity Valid
*.3seclab.com
R3		 2024-01-02 -
2024-04-01		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.daumcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-07 -
2024-06-07		 a year crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.github.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-20		 a year crt.sh
ka-f.fontawesome.com
GTS CA 1P5		 2024-01-06 -
2024-04-05		 3 months crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-03 -
2024-02-28		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
quantserve.com
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh

This page contains 40 frames:

Primary Page: https://3seclab.com/
Frame ID: B508925B40DD7A99E4B5189181828930
Requests: 62 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html
Frame ID: DCD796EEEDCAAA443749BE2631C02EE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&adk=1812271804&adf=3025194257&lmt=1705504204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2F3seclab.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504203825&bpp=214&bdt=243&idt=524&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7814081595830&rume=1&frm=20&pv=2&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=541
Frame ID: 277EEFEB3141680172A4A73922B86AAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Frame ID: 2C2B67207345393A1BA9382F5A8B9B89
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Frame ID: 5A3B63AFE639D0BF48909F669E943254
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Frame ID: 561F1CEDEAE01C75AF5D53DB74358592
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Frame ID: 03EFB2EE07CF4577E04E37E6DE6173A2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3A24F7036D07DA7629B5FD044C736C98
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 8337DBA7810125373CCDADBBC9F7FBFF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 9FE96231516422BD33FF85185095D6E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FC86DC299663E047E71C21F5A71D44E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNUpgrBBLWkigMvXQkDdzwDS8aC-B_qik7x_gIBgZgzNGUjiRCVuP6o6j_e4OlY2EELTu5z-Gjq2sPQeSgCv_XTXSXhnryJ96k9Ehf6VWh_Cu5q-Pb9UkQnyNr3lo9bd9WyGUdfH_9odkbB4Usi-kRdcRw-2mJY7KL0dNyFza_vNwAZZ3kk
Frame ID: FFF64FC15D1536ECC99211D33FFB7F9B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: F18AC13162363FB68524EC6E37C0A0E4
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNXwhLqRBOkJsgel1XP2ETh-xrt5lKlOPXT42jRxnoAs7o7jZxxyEUT3FlL2yoduQSynPg8OYyyqpAIYJLXZbNTIiSIyzZLYg-0BuPuq3R46-srKEuSCtoCqDlCp8yLdw0gG_h3gzm6_lSGOIy90wtXIeTPFkNcmbZZQXULwhmjIYcbdd0E
Frame ID: 97A20FDCE82467624DC07E69CFCB5E07
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 4145FFEEFC20FD003C169E5431F74543
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNXLA_RXSJldRjqUgGP0z4hXZ6CwbhGVSMUhCSu2xPfWDb3lQyEBaqSpVkVtvsE6Vw_MJ_7iHVWb5pVtzMMWyU0jmHPeeF12g7RF_kpWotq9ddhveRS6gz0v_9a1vrlFiViCX8KtwLM7gmaIm7mDJg3nNtnsbWpcLu2HTPBje9uJ7ny3wN8
Frame ID: 5ACE85A6D773A378F345F6EF3BA317EF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: C5519CF7EB0430F04B2BC439C371293C
Requests: 21 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: C597813614DE31CE47026C27FE72263F
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 03837B1EFCFD3C979D1A22F468DDD9A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 3BCF5DC8D21D534088983F2638C938AE
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 50F8DA49E1AFEA88C52A643F7FD5888A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 846F43048D7A838C23A13859F3C8E804
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGKWd_YICMAE&v=APEucNUDaJ-iKXPqJ_bOYqrbS-21FCKRytLTxN9eiLUwCdSwtpT5I8HZ1tqytFkjATgDjlL5tBSNJQaz5mHcKal-eYPzX9fHIPBX0viR0sujoR6OA-CpZ8J2ng9Y1DlUAb-Rnt0f-wE3PycfKl4v4sFFMCAzKN5hsuZhqUA5_v9maPiuHw1C5Zc
Frame ID: A9E77F934D398434FF3819DE240582F8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 08B7BF72976CE1767AF451F8E501E693
Requests: 28 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Frame ID: AFEE5D8F28898F327373757F2C3ED116
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Frame ID: CDFEBB4232D621D417F30F753E41FDEF
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Frame ID: 48B1336ECBDDC37827CFA4BEFD257F58
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C74F77D907B34CF4AE70DE48BA9D5937
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8524944C52E326BCDD15739CB967B662
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F5C698AECE5E5BF3C2BC27BA71E4CCCC
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 77B62E590D67BA222F7B3916582CC682
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
Frame ID: E229DC44D11FC0D7971C26AB38B8A77F
Requests: 6 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C46AEE4827A945FEB139E10DCF4F6515
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Frame ID: 6BA6F99CCEC95CEA5099AE8549374A31
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: E03161789DEEED2FECB8DD796A7C916A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: 91AE67A22A58E421B01EC03E23C2DEEA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Frame ID: FCBF8940AF54B0C424E537A487CC8C38
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/passback_300x250.js
Frame ID: 5D1B876B438B38AF78B6E0EACD2E3858
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 842D1BDD49AFBB38CA67B9C76018B00A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7826F28DDCAA2D0B044BAB9BC12404B6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

3초 연구소

Page URL History Show full URLs

  1. http://3seclab.com/ HTTP 301
    https://3seclab.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

338
Requests

91 %
HTTPS

66 %
IPv6

34
Domains

51
Subdomains

44
IPs

6
Countries

25909 kB
Transfer

32291 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://3seclab.com/ HTTP 301
    https://3seclab.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cdn.rawgit.com/moonspam/NanumSquare/master/nanumsquare.css HTTP 301
  • https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Request Chain 106
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDT2T2jmCq1gCQfLxyF11rw&google_cver=1
Request Chain 107
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzbSKeWwN67RCUif7OQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Request Chain 108
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMEFyzo_2zG3LAo1py0FNIw&google_cver=1
Request Chain 109
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEQJuOiOe3UA-EUc_UMfoA&google_cver=1
Request Chain 122
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzYCNVkzpUeaiHYkyzAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Request Chain 123
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAmJXALEgW7pf9RypHyBMI0&google_cver=1
Request Chain 124
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Request Chain 132
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzbSKeWwN67RCUif7OQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKU0nSojlmvpSKGlHeBKN7I&google_cver=1
Request Chain 134
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
Request Chain 172
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzbSKeWwN67RCUif7OQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
Request Chain 173
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHdSe9yZq2VOAI4sVyI9USg&google_cver=1
Request Chain 174
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Request Chain 214
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&google_cver=1&google_push=AXcoOmSsGuDjYHHGLk9kHUa0m_pjp-jlFTaRrWwKmCeNXFBRtPk_yeTA20YW9bF-vh2Jhdgg80G22kIDMZFoZ-5fvseFgBR2YsLaIiByay2AO7HEM-I8sPxTnR_ywzKiixc06MZ-p4gRb6EU3jBc3sdJbVS0Uzw HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&google_cver=1&google_push=AXcoOmSsGuDjYHHGLk9kHUa0m_pjp-jlFTaRrWwKmCeNXFBRtPk_yeTA20YW9bF-vh2Jhdgg80G22kIDMZFoZ-5fvseFgBR2YsLaIiByay2AO7HEM-I8sPxTnR_ywzKiixc06MZ-p4gRb6EU3jBc3sdJbVS0Uzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVJiNUFZT3MxUnE3eW01&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&google_cver=1&google_push=AXcoOmSsGuDjYHHGLk9kHUa0m_pjp-jlFTaRrWwKmCeNXFBRtPk_yeTA20YW9bF-vh2Jhdgg80G22kIDMZFoZ-5fvseFgBR2YsLaIiByay2AO7HEM-I8sPxTnR_ywzKiixc06MZ-p4gRb6EU3jBc3sdJbVS0Uzw
Request Chain 215
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEFQlNeu-g22OWr6HS93hhAI&google_cver=1&google_push=AXcoOmTe5kiuJl-hUp9oCJLQjhZUnd2Q05yrdpX7jjRLbjpwcXDyUWluXBqgsntZ2J6oSOCpNV9L4bpOxyjGBnPFSMwqj4jdMnkE7V_Nx6RAym8YUNhiBW56knkUrxa4EtC9Et4EPnZF3qiaZB5VkJsVbaxh4cA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQlNeu-g22OWr6HS93hhAI&google_push=AXcoOmTe5kiuJl-hUp9oCJLQjhZUnd2Q05yrdpX7jjRLbjpwcXDyUWluXBqgsntZ2J6oSOCpNV9L4bpOxyjGBnPFSMwqj4jdMnkE7V_Nx6RAym8YUNhiBW56knkUrxa4EtC9Et4EPnZF3qiaZB5VkJsVbaxh4cA
Request Chain 216
  • https://d.agkn.com/pixel/2175/?google_gid=CAESED2S9quWEFbEgOwBZMJWZog&google_cver=1&google_push=AXcoOmTdGNfFkJi2yJBOwSnF-8NqqAr5f0vthW0CBWyWNtO-2aQNwCmbiWI67lwmkOv0tqSR9wPYcLeRxJcbWs5bIpUKhiueYDVyhbywV7k5ey3LRAFqEaHZX33nl_Bv4T-JWjtiPQWWN9ojBOZXKMG4-d2fQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTdGNfFkJi2yJBOwSnF-8NqqAr5f0vthW0CBWyWNtO-2aQNwCmbiWI67lwmkOv0tqSR9wPYcLeRxJcbWs5bIpUKhiueYDVyhbywV7k5ey3LRAFqEaHZX33nl_Bv4T-JWjtiPQWWN9ojBOZXKMG4-d2fQQ&google_hm=Q0FFU0VEMlM5cXVXRUZiRWdPd0JaTUpXWm9n
Request Chain 217
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAee0AGkfAPk5Uj8bmkQdOw&google_cver=1&google_push=AXcoOmRKStOisA2UU7hdF8kbeZZT_nqbzEAtchmda5UxvrhByOYWaco27FUYjHZSl6kCjhpzz5E5j4I702Xiw3Hg1Kv83gNrFQQbPUPvVqmySSQIRjAv-1nnwL6ww0SqZVISBwLFi4YzDaRwpg1uGOIp5CIetfg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKStOisA2UU7hdF8kbeZZT_nqbzEAtchmda5UxvrhByOYWaco27FUYjHZSl6kCjhpzz5E5j4I702Xiw3Hg1Kv83gNrFQQbPUPvVqmySSQIRjAv-1nnwL6ww0SqZVISBwLFi4YzDaRwpg1uGOIp5CIetfg&google_hm=eS01OXk3ekdCRTJwRkxmOFdTcHFtMWZKZEJORUpDS0JmTn5B
Request Chain 228
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&google_cver=1&google_push=AXcoOmSo9neS5kVf1FZgOcHKRffVxGWB1SpndhIGlU3J2K_zqQpRW5B_cdnkPr16J1GEEDvSCNFlCB848FSj8rq8G1__7-YTQbvMmeDWHKMSa6JFW9iJYRekgU3-SO8itgmNoTzrqLokXyglQEn3nhuasdsmWg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&google_cver=1&google_push=AXcoOmSo9neS5kVf1FZgOcHKRffVxGWB1SpndhIGlU3J2K_zqQpRW5B_cdnkPr16J1GEEDvSCNFlCB848FSj8rq8G1__7-YTQbvMmeDWHKMSa6JFW9iJYRekgU3-SO8itgmNoTzrqLokXyglQEn3nhuasdsmWg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUhOSmZtdFMxUnE3eW01&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&google_cver=1&google_push=AXcoOmSo9neS5kVf1FZgOcHKRffVxGWB1SpndhIGlU3J2K_zqQpRW5B_cdnkPr16J1GEEDvSCNFlCB848FSj8rq8G1__7-YTQbvMmeDWHKMSa6JFW9iJYRekgU3-SO8itgmNoTzrqLokXyglQEn3nhuasdsmWg
Request Chain 229
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL3qpKQlhd0IqFl13QmKyFw&google_cver=1&google_push=AXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL3qpKQlhd0IqFl13QmKyFw&google_cver=1&google_push=AXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 230
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMCWMqke2zEB9O38YerNb5A&google_cver=1&google_push=AXcoOmQEtELnVZHKykuaWO1vGTK3Mhx3slIp_4NX1Vo7U1OCXHKT6DS2blIHOKnob_0xOK78J3nGxLkoeuSKs5bDk6C1mZqfzde_dl6IEK3HQIWNKCkqpSnW-FoW4tmfwQWJzpHx6kwl786dx0F0t8KUWeLt8g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMCWMqke2zEB9O38YerNb5A&google_push=AXcoOmQEtELnVZHKykuaWO1vGTK3Mhx3slIp_4NX1Vo7U1OCXHKT6DS2blIHOKnob_0xOK78J3nGxLkoeuSKs5bDk6C1mZqfzde_dl6IEK3HQIWNKCkqpSnW-FoW4tmfwQWJzpHx6kwl786dx0F0t8KUWeLt8g
Request Chain 231
  • https://um.simpli.fi/gp_match?google_gid=CAESEBX07g9_Bv_dm1e6AWZZOmE&google_cver=1&google_push=AXcoOmSwUBqUPaJa6uMxHxX8cE4CfVMBGOJWVj-Sll4uj_ifVnQqldn7_gd-U5v5ywUcKyF7XcWeOu2xdIM5m2b4ortsulfupLHDxkSfhg4T3DEo5dsLws7DXO2nw491Qqh3M4xv1PiDXrdAuoG01Az7MTf3JC0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=022B358611524395B72E3CFC9921E9EF&google_push=AXcoOmSwUBqUPaJa6uMxHxX8cE4CfVMBGOJWVj-Sll4uj_ifVnQqldn7_gd-U5v5ywUcKyF7XcWeOu2xdIM5m2b4ortsulfupLHDxkSfhg4T3DEo5dsLws7DXO2nw491Qqh3M4xv1PiDXrdAuoG01Az7MTf3JC0
Request Chain 233
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM9WoWaN4sjT92AjYyMlWeo&google_cver=1&google_push=AXcoOmQ6EoqQ95wl_JQjabonGjHLDj-CUUPmQzd6iBc0bBx3u58SZIBbF4EJkxapYR_AvbTxJFVHm0wyyEpgyc8ZataQKejFbjFahH-9-BaAKtIQgT6oA8uyMtnav8vvObvWGCAFONt3AhiuT7RoHOUVP3XQ2RI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6EoqQ95wl_JQjabonGjHLDj-CUUPmQzd6iBc0bBx3u58SZIBbF4EJkxapYR_AvbTxJFVHm0wyyEpgyc8ZataQKejFbjFahH-9-BaAKtIQgT6oA8uyMtnav8vvObvWGCAFONt3AhiuT7RoHOUVP3XQ2RI&google_hm=eS1rem5mNmd0RTJwRlNPVllvU2p6aVNXNHBzRERkNlcuZH5B
Request Chain 241
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 279
  • https://fw.adsafeprotected.com/rfw/st/1875473/77671614/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015657930&ias_pubId=pub-7052384650666721&ias_chanId=1&ias_placementId=20907174852&bidurl=https://3seclab.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jOvu4sY6JdtFgBUSovMTdp&adContainerId=brand_safety_zu2nZcPxCrnT9u8P0KKg-AY&cbFunctionName=goog_wrapCb_zu2nZcPxCrnT9u8P0KKg-AY&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2F3seclab.com&adsafe_type=g&adsafe_url=https%3A%2F%2F3seclab.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7052384650666721%26output%3Dhtml%26h%3D280%26adk%3D1958173566%26adf%3D867136312%26pi%3Dt.aa~a.2964258233~rp.1%26w%3D500%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1705504205%26rafmt%3D1%26to%3Dqs%26pwprc%3D8885713159%26format%3D500x280%26url%3Dhttps%253A%252F%252F3seclab.com%252F%26fwr%3D0%26pra%3D3%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26fa%3D40%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1705504205281%26bpp%3D1%26bdt%3D1699%26idt%3D0%26shv%3Dr20240116%26mjsv%3Dm202401110101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26cookie%3DID%253D85f5c5c159c77a69%253AT%253D1705504204%253ART%253D1705504204%253AS%253DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w%26gpic%3DUID%253D00000d43700928e7%253AT%253D1705504204%253ART%253D1705504204%253AS%253DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw%26prev_fmts%3D0x0%252C1200x280%252C500x280%26nras%3D3%26correlator%3D7814081595830%26rume%3D1%26frm%3D20%26pv%3D1%26ga_vid%3D440884274.1705504204%26ga_sid%3D1705504204%26ga_hid%3D1558612209%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D550%26ady%3D2001%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C42531705%252C31080431%252C95320892%252C95321627%252C95322163%252C95322325%252C31061691%252C31061692%26oid%3D2%26psts%3DAOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q%26pvsid%3D593978333931182%26tmod%3D1091228091%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257Cs%257C%26abl%3DNS%26fu%3D1152%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D5%26uci%3Da!5%26btvi%3D3%26fsb%3D1%26dtd%3D5&adsafe_type=bed&adsafe_jsinfo=,id:972324fa-d288-260c-671b-b32e16643e57,c:1zuDAv,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7b546d5668-qlbkf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:3,mot:0,app:0,maw:0,fm:u1DjQgr+11%7C12%7C131%7C141%7C142%7C151*.1875473-77671614%7C1511%7C1512%7C15131%7C1514%7C1611%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:16,oid:7f61ff60-b54a-11ee-8226-f6daad398db4,v:19.8.473,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4a.js
Request Chain 281
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CzdB3ze2nZazoF63NuvQP9fW88AeWkeLvdPWh8o78EcCNtwEQASCzgr2AAWCVgoCAsAegAdbErqIDyAEBqQL3ypkzvo0JPqgDAcgDwwSqBOIBT9DcCHEpZM2gfG5U35q_q4YnSH29QQ3-2lD7b2mkmqHxUlxZyiUtIXTU8CVDmasvoha7_4Fbh7gHxO69-Ihi45CJ9jFKM70UFtJ0IsXdayCexOr3Yh9BjSIcbKZViqlITkPsZgY2FhKG9XpQj4uUujwQr4k5C1yajxcbgfN74jTTr6FEMC0mUj14tQSWz9l3dDHaMQJcbFr7ZghLqwss6y3njQmM55NegQD2Vk10XGJ4Dm83jrXi-TIvLikNh1n4jii-ctNK_sP9sUmVaYOk4ctO-OwFfXSmF5pxsNfZIK005MAE74n9_8EEiAWN2tC9TZIFBAgEGAGSBQQIBRgEoAZmgAeSu9FdqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQu5AF0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOlj90Mii2uSDA5oJJ2h0dHA6Ly93d3cubWlzb3UuY28ua3IvbGFuZGluZzIwMTYwOC9tL4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi03MDUyMzg0NjUwNjY2NzIxGAA&sigh=R4zqlD9ZLwk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_lIgHEoRbDM9F62pGEAvxNqyEHKghOvGStH8FeilYTCaO7Ign5Hluj4qRwOos4mU9UbyKxcdSiRgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229222587609903619200%22,%22debug_reporting%22:true,%22destination%22:%22https://misou.co.kr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877371990%22],%2222%22:[%22true%22],%224%22:[%2201-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224966427951081888689%22}&andc=true

338 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
3seclab.com/
Redirect Chain
  • http://3seclab.com/
  • https://3seclab.com/
12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
deedd1a5bf2243d12d0393fe733a3637c5da52d9afcce74e9f11e905c865c67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
94742
cache-control
public,max-age=0,must-revalidate
cache-status
"Netlify Edge"; hit
content-encoding
br
content-length
2622
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 15:10:03 GMT
etag
"198809b4f6e1256a3b20195f6dcf6300-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01HMBZHRS50K3MC92M6ZM7FV26

Redirect headers

Content-Length
35
Content-Type
text/plain; charset=utf-8
Date
Wed, 17 Jan 2024 15:10:03 GMT
Location
https://3seclab.com/
Server
Netlify
X-Nf-Request-Id
01HMBZHRN8YQA338NZG1ET54J6
js
www.googletagmanager.com/gtag/ 		253 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B3CW348TC4
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2722765094819beab1a31ecf85b44298d6912c7f00a0716a573b7bfa9b96d99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88289
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 17 Jan 2024 15:10:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7052384650666721
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60bbd198b164ded548ef31bd866000fa0076524b15a1dfe3e2e5f50e1874ba69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Origin
https://3seclab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51426
x-xss-protection
0
server
cafe
etag
13111627480165462079
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:03 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 04:16:38 GMT
x-content-type-options
nosniff
age
39205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85578
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 04:16:38 GMT
ba.min.js
t1.daumcdn.net/kas/static/ 		184 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t1.daumcdn.net/kas/static/ba.min.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::1720:ee90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
d7775ada10d4dbfbc3e7e6ff4b39986211d5270dfc3aec91f9b8c9eb488d363d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
gzip
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
last-modified
Wed, 06 Dec 2023 06:01:57 GMT
server
openresty
vary
Accept-Encoding
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type
text/javascript
cache-control
max-age=1189
accept-ranges
bytes
content-length
54648
expires
Wed, 17 Jan 2024 15:29:53 GMT
icon
fonts.googleapis.com/ 		569 B
775 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:10:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:10:03 GMT
ebfafc2eb8.js
kit.fontawesome.com/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/ebfafc2eb8.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0646c9cc0553a4d577afee3cea3243f14bb8a5efe1940fdad72144346130e3d6

Request headers

Referer
https://3seclab.com/
Origin
https://3seclab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
846f85d91a94bb9b-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F6srCYUk5NrXTwYAwthB
nanumsquare.css
cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/
Redirect Chain
  • https://cdn.rawgit.com/moonspam/NanumSquare/master/nanumsquare.css
  • https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd90aa1cd1fcc9983fde36f1ea8cdd002f5b80bb12d6b3db9c9b3f22e362351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10334
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230119-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"a23-9CYyJONzpW0y8AsnyM+8jaiV5o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2Fr2ltlnHFm%2BODhdXrIcZFKJW1y%2FKABPfwhvXJ1pZXbq3cz8upICJmcTceGjuayn60IEpckysdc0SPve8qjw%2FYai%2BTqQfYEad4oJjX8ZP0Y%2BnUAdfaAI6W7hjg1CZKzFUO11InkkZ8M3SO4yMn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
846f85dafb9371af-FRA

Redirect headers

date
Wed, 17 Jan 2024 15:10:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1081
age
83114
x-cache
MISS, HIT
cdn-cachedat
01/17/2024 15:10:03
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
105
x-served-by
cache-fra-eddf8230079-FRA, cache-chi-kigq8000092-CHI
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
846ee92fb766ff8838f102d88465aab8
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
301
cdn-requestpullsuccess
True
odometer-theme-default.css
3seclab.com/modules/odometer/ 		3 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/modules/odometer/odometer-theme-default.css
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
417d6eb8c5360add5b64962d7645178b396f12542c18ffcdee5690dcfc3ccb56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHRTMC7JZTQDSWQNCXSER
date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"7308fb7b5f01d98a129a4c5d5bdfde5d-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
slick.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		2 KB
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.css
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4354550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
427
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-6c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebmvEROkvMCDw63Fc5r%2FPSe9eVNAHVWQ3QnwlQcv5Gv7IGFrXQA8UI%2FTFZz7GLn9nHq1i%2F2cTNEdOu8ZumBJKDB6MDZOAkB7HAKkkCV1JwBFbDp%2FokCV8%2BmjrglAQ%2BWhaNTJxff7cQ094i9GDAZnwgvr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
846f85d908d42bf2-FRA
expires
Mon, 06 Jan 2025 15:10:03 GMT
slick-theme.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.css
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4275529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
695
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-c49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2qLeSPnLBjqz7Ba9NkTBFUEAxhD63N9vfZSQ1t6PsMzhk7WRoYICPGnI9Mk1m0NZaOoXfzXb%2BV9arrkt9gu57HRI%2Fq%2FtkUmTbs%2FubyPifCqxfyvhpicQfTeOUHbV4tID8CuZrVZWpBsK4sgm%2BaqqLFE"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
846f85d908d12bf2-FRA
expires
Mon, 06 Jan 2025 15:10:03 GMT
style.css
3seclab.com/ 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/style.css
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
493233eed7ae56c3ebdbda84aa21a05198a1af8d23ae7beac97152d6aa0abf38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHRTMSGB2J3R08DPAAKS5
date
Wed, 17 Jan 2024 15:10:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"a4a38da75cdd932fcfbac41617fff2f8-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db05e489350f13fb0929666ca6ca5bdb7958fe730494614532499ed08b95930b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51500
x-xss-protection
0
server
cafe
etag
16017833369009092496
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Wed, 17 Jan 2024 15:10:04 GMT
146318957-bd435e03-bfee-46d8-af7a-3128b021eedf.png
user-images.githubusercontent.com/56578913/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/146318957-bd435e03-bfee-46d8-af7a-3128b021eedf.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
4cff944fa0c249af468fe287e9e55f04a601f6b010eb93883bd3950549b4677a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
01cb3bd752e8e51324f4431da3241ff3607c27b6
date
Wed, 17 Jan 2024 15:10:04 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
52244
x-served-by
cache-sof1510029-SOF
last-modified
Thu, 16 Dec 2021 06:22:01 GMT
server
GitHub Cloud
x-timer
S1705504204.734104,VS0,VE660
etag
"a2519939855c62a314f9571d43236d26"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
146320614-f52b1d8b-9c01-4582-82c5-7aa1101e8171.png
user-images.githubusercontent.com/56578913/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/146320614-f52b1d8b-9c01-4582-82c5-7aa1101e8171.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
7d49863a484344c6ebf94f660baeea6cd41b4423cdc92fea215e807d166e99d5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
cfa8ce5d23b8b8cb98d52421ba5708178772ed42
date
Wed, 17 Jan 2024 15:10:03 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
35060
x-served-by
cache-sof1510029-SOF
last-modified
Thu, 16 Dec 2021 06:37:18 GMT
server
GitHub Cloud
x-timer
S1705504204.734081,VS0,VE257
etag
"cbdd05e7b8447aa1974626e6729fbc50"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
slick.min.js
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		41 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
430962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9033
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-a3e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJU5b6X%2F7KehKeb5S7IJ2VJ%2BGSWsVuO62S9svkbuL%2FgJn%2BXAMqDZrKsKmd9rhDJJQaOxk0EIu4%2FlNJq7boGXm3OxJtzkXodScsqM9G2U7Q9wbooFbLITnJ9BFy4V2f9FyYEPoaDENQKhWpewdz373CE4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
846f85db5bb72bf2-FRA
expires
Mon, 06 Jan 2025 15:10:04 GMT
drawSlider.js
3seclab.com/js/ 		1 KB
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/drawSlider.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
6ec02d6a5d3091b1f85eff855d277d63ece9f09ac05a8458f0d2fa0f8a936ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8QC5QG9P1Q9VDQTTWV
date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"1aedf493379e67f46a8cebfa1e4ab0b3-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
185
odometer.min.js
3seclab.com/modules/odometer/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/modules/odometer/odometer.min.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
03c1e188b884240e56a79c39b6918e16e9cfdf9b4ed4e84d5d8efe71fef778ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8RZD312QNRWKG74WQM
date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"1c53064714bb23fbec27f8949e004805-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
setSiteSize.js
3seclab.com/js/ 		183 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/setSiteSize.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
5668fb08dc7b010e78933a488a9352bce5c049739ec0c765f9146d47880ae21c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8QG7AT541Z0SEHEGVG
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"be986254427f8d31d499c0c4af2580b6-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
183
pageView.js
3seclab.com/data/ 		1 KB
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/data/pageView.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
a92dec929dbc475595813bb3f15358141c995a581ae241190dc472c898046cb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8RZ73YP58HGD400Q6J
date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"7d1c80ac7b4a2ffddcba3d53d9630ff0-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
533
inputPageView.js
3seclab.com/js/ 		372 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/inputPageView.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
0b5c28f4ec8eab536f573936aa731e9f4bf67f510cf86c6369d0469ec5a6ac16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8QMADR6NTAJPTDFES1
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"7fcd41fc140f05b23556549006ae87d8-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
372
thumbnail.js
3seclab.com/data/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/data/thumbnail.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
4795994cb8db38d3b5982cbcd138a654f7a96bd6b4ca2d0b3b33b819610e253d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8RV11ZYZX2AF4SH226
date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"82e971cd68e5e2bcae2f1b36fd3f6343-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
inputNewList.js
3seclab.com/js/ 		746 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/inputNewList.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
c569682705465762d14563bf726433c8567982e4b82f6d557d0f51b8725b5e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8QJFXFFGZXJTC5N8NF
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"9445774715f8294c29d6871c949fa231-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
746
inputHotList.js
3seclab.com/js/ 		571 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/inputHotList.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
1e602c28eb1cd6264b9d101f790d012aa35863dbe826beace0648a588b523fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8R8PCX0H2KK83T6T14
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"313d6c62a426a609f0023a5d2482d140-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
571
inputAiList.js
3seclab.com/js/ 		487 B
574 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/inputAiList.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
b61357b10f6ecbaa86914307307d2bbd03939ad047661b33722ea8aa2b08efb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8R74XW8Q5ZKP50FXAD
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"7dba1fdcf110ce989abdf0077faa2508-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
487
inputFeedList.js
3seclab.com/js/ 		642 B
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/inputFeedList.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
741439021c6759db793fd978c0028df74867e8671d048da5b06f05d875a3b4d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS8Q6R53GRR2HD7AYYVD
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"ff466c50c5d8bf037063db3e89cb66f1-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
642
inputImage.js
3seclab.com/js/ 		743 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/inputImage.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
9d4fcb4aa905905b607e24ad048a59dbb263c61a5ec3801df124d9afc2349220
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS9YN2FWKJ9VBXH1MJAF
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"e08ce0b8f9120025327c245d7ea70564-ssl"
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
743
gtag.js
3seclab.com/js/ 		2 KB
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://3seclab.com/js/gtag.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.70.101.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-101-28.eu-central-1.compute.amazonaws.com
Software
Netlify /
Resource Hash
68823139906c0cb7f53b790ec44c83511ae580884759f103fa25322548c53d8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-nf-request-id
01HMBZHS9YP0XCCPJSKQQXF2K3
date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000
server
Netlify
age
0
cache-status
"Netlify Edge"; fwd=miss
etag
"e57fc08876db773ba4ff5cf0ba071f2a-ssl-df"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0,must-revalidate
accept-ranges
bytes
content-length
481
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ 		402 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7052384650666721
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8db9866a2f31276fbad78de2dee127539b8248b1d50bc0e00c940ebc3a286e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139523
x-xss-protection
0
server
cafe
etag
14501959912192137678
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:04 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/ Frame DCD7 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7052384650666721
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
81379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 16:33:44 GMT
etag
9219409622527106327
expires
Tue, 30 Jan 2024 16:33:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B3CW348TC4&gtm=45je41a0v874379345&_p=1705504203599&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=440884274.1705504204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705504203&sct=1&seg=0&dl=https%3A%2F%2F3seclab.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=544
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3CW348TC4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://3seclab.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=ebfafc2eb8
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/ebfafc2eb8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
via
1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOIEt4mWyWisDEUAXNdCSWCAOopvzxZlxkJPVGNAIbaoHFqdw84PZgJXMaG7YP5yAEWzLQv0XGR5m4LnURFNkH5J5M48G3Qm%2FAfdiAYB3Xj7t%2FL7Remk1BAGy9cRrlxmavO1exa3GwAEMQkViIH85vMPEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
846f85dae80935f6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
N3l3JC-fVxsKR2jbmDm6F_676e0eY5XxUCbRdHWA6fbHzxwkx2f8-Q==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=ebfafc2eb8
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/ebfafc2eb8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUyrq25ZTN8oLw32ga0InFTGXHOjNz9KrxRjzlHq9SHBNgIpWk9gWko2670Ez%2ByeVpyJVZ0HpnQ5a0%2BYuSWf6n2qO0gjsWnOrF85NC%2B0Pe5LpKYsP4QqGtMaBSRn%2Bse4BUnaTEt%2FTVjqVLOYMU1pK6KdXA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
846f85dae80535f6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
muLf-7cMUrmK4oTXE44YpozGP_u9bri13UOzArhVUxNbZIPPmh-Jrg==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=ebfafc2eb8
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/ebfafc2eb8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:03 GMT
via
1.1 a4af9b42c2ec29f616825af32712c204.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dACunG8owowb6zMEMAnEGDdABp%2F4yCRICCNZZztlpzXXV7fmRj8vYbZSKUVdZ5UZIXvCBytfr%2FdYYpdgegr5PADcmNcc0s7V34vVlKvIayYOcs9E9zfvqRTFoA%2Bl8phH5ov60W4AhttEtguKqYWm5T%2BQPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
846f85dae80735f6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Pw3Af3Z-_YWq_1so4k4fmqa_WvPkLkP7AswLKTsO9rkstTQ191litg==
loader.js
cdn.taboola.com/libtrc/3seconds-3seclab/ 		166 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/3seconds-3seclab/loader.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbebb6b5589a2b23572a79aef21e82a63632d23aad06cef36c5941170961009a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
VQeJYrQXEEie4YOAGKIi1tOnRKJpxqrz
content-encoding
gzip
via
1.1 varnish
date
Wed, 17 Jan 2024 15:10:04 GMT
x-amz-request-id
S7BFK0MCYCQNGEN0
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
FAILED
content-length
45888
x-amz-id-2
BWV4mvSbdwL+/SjZ4GF1i+kIODaR5Jf/G6tEVqoGOPhfFfXlcW4ygixJsoGF1N5mTEM7w4Zk5VE=
x-served-by
cache-fra-etou8220093-FRA
last-modified
Tue, 16 Jan 2024 11:00:04 GMT
server
AmazonS3
x-timer
S1705504204.143050,VS0,VE561
etag
"ad9a89d86f4df4299540a49312592dbc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
85
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
NanumSquareB.woff2
cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/ 		156 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/NanumSquareB.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
557db5123dcc2dce86e6af5a6279d127562748d5add45a6dd68ac06309a6d56e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Origin
https://3seclab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
26695
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
159952
x-served-by
cache-fra-eddf8230024-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"270d0-PjHsWUKbpna5gn+zGQ75rcYKLXA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14meMeOPyXiBay1KUZTr2ucQbSFVpwWCaDqMD5Gv7wHAl9rXzOL9pums8yMq8AU08ZKY1I%2BwDZkZlZKiGMImg8Zgba3x2aVj%2BiJCR3pGH%2BSax1fHsqsFvcVOIBnUm4VpD52bPrAFuq6oepf9O6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
846f85db9c2e1d96-FRA
NanumSquareR.woff2
cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/ 		155 KB
156 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/NanumSquareR.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25c076b9d2b3097de9315dcd24e09324921fa9a438254dfaf12fb4aa86ae87a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Origin
https://3seclab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2210
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
158816
x-served-by
cache-fra-eddf8230052-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"26c60-TNdvvdgfBSy11vuVOZiBhKJo0dM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXXrQcgIf%2FdnZwZVzE4e7NnCbugeBQiVNf3MmKynqs9HD5YVW%2FEc0nrVxzAdwnlZgM9%2FFyB5VNh5dcaFva%2F8C4OxTA79qiHZC2fc5CUX3rA4Xj4ET0sbXmDab5IBhUWBZhVGZ40hljzzXdYDQ50%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
846f85db9c2d1d96-FRA
free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-brands-400.woff2
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813

Request headers

Referer
https://3seclab.com/
Origin
https://3seclab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
via
1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
76736
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"4f5ec865a8274ab291b6a42b5f70639e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bcc9H2O1CNMUjr9HhXPhHzUw%2FtTQhfdudoZ2heGJ3SJtsjamkHcfpYG5XpBJKdMoLeIPRTTFt5JrFOQOuYC2TW1yvQKddPhbekwJoOFRrI5dl04xqAk1F2a8A0YNvYjUzZ8YiWaE7nqP9aqoyhdj7VhPiA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
846f85db58af35f6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
oJVa1Dk0VMdYmptt0Kx3WYWfk1Mldky3UsD35LTtib_hm7HoBdywdQ==
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e4::ac40:a407 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

Referer
https://3seclab.com/
Origin
https://3seclab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
via
1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-C2
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
78168
last-modified
Wed, 04 Aug 2021 18:58:24 GMT
server
cloudflare
etag
"a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwDfvtFSuuzNu0i0I2DQOCEWEH7GyKMPCUBA3zNBF8xqNIls0hMyHaaBdjwlSB9ap9Wtj6%2FeIUym%2Fs25omxcv3LNZtWB7inEO1bt8rKa%2FYTSuMMQjU1jWm1i1wiDizUStah8HnSNSSZTpiqIADxvZYodWw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
846f85db58b135f6-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
axsVLriICQmtbz8ZpaeefhfE1hcUFWcFFMlU6b65h0woZOE4KghU1A==
NanumSquareEB.woff2
cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/ 		157 KB
158 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/NanumSquareEB.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0b9241b80d62fb8c916c74e58c2f6ab6613dcff3c4d57a248ddac950a389bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/gh/moonspam/NanumSquare@master/nanumsquare.css
Origin
https://3seclab.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
28117
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
161228
x-served-by
cache-fra-eddf8230105-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"275cc-jKBVeQ57msrQIhqis7oyO7lfsU4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S%2Bv7rRfW7ZybCeisY20qJJxZbLXZHvS%2Bx4KlVqelAlUv17XDjUXQ15AyGJS5OfT045%2Bis8mRW6tNfcGn%2FaJEdvkdf8yKMD9MersMOjroOTtak18JKr0jeth1lHi3dwyInk7tiZm7D0ISAqQb%2B4%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
846f85db9c2f1d96-FRA
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B3CW348TC4&gtm=45je41a0v874379345&_p=1705504203599&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=440884274.1705504204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705504203&sct=1&seg=0&dl=https%3A%2F%2F3seclab.com%2F&dt=&en=scroll&epn.percent_scrolled=90&_et=2&tfd=722
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3CW348TC4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://3seclab.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
179460288-792f39f4-44f8-4ab7-9cbf-552c2fa73b66.png
user-images.githubusercontent.com/56578913/ 		484 KB
484 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/179460288-792f39f4-44f8-4ab7-9cbf-552c2fa73b66.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
1a36bb8fc87d6ebbd8579170033ee9c926c731476bd7281f05431edd367e0a01
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
2b12d79ca1e274e50ec8953ac5c875ea9650d965
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
495251
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 18 Jul 2022 07:07:37 GMT
server
GitHub Cloud
x-timer
S1705504204.335177,VS0,VE978
etag
"d999a15132535e1c46da05f46aed2b5b"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772031-11deca5e-7c8c-427b-8775-3b3369650b1c.png
user-images.githubusercontent.com/56578913/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772031-11deca5e-7c8c-427b-8775-3b3369650b1c.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
3b5c81d74cb3cd963e359ca75955b3e838091e2660f4a793fb898e37b0bd11bc
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
c3082b22a6d2bb74d919b01584768481b41ffa6a
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
136156
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:15 GMT
server
GitHub Cloud
x-timer
S1705504204.336382,VS0,VE703
etag
"b57ab02a4a4870ae1b2ed2f7668bb1a1"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772037-ddbbb984-1dff-4a61-a8fc-053060745990.png
user-images.githubusercontent.com/56578913/ 		139 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772037-ddbbb984-1dff-4a61-a8fc-053060745990.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
ce3226a134c0d881ca75d7d39878a259693effa7596c6abc27f0202bd37aab31
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
5c3dc94b12f25d828d7983c55deda599b85aa3ba
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
142639
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:17 GMT
server
GitHub Cloud
x-timer
S1705504204.336452,VS0,VE775
etag
"c41529132b5754badbd970233182bd7a"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772050-478fe924-4f62-4379-b714-ab9c5e917117.png
user-images.githubusercontent.com/56578913/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772050-478fe924-4f62-4379-b714-ab9c5e917117.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
c03f6158c284d3307c734ac656acfa057ff7db01064ff75aaf340568921de738
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
cc8d5f9d24f9f14414baa8df37207c2d81ae1b87
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
155438
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:19 GMT
server
GitHub Cloud
x-timer
S1705504204.336598,VS0,VE867
etag
"2d17df45dbb7dd5d6b7adc4679fde934"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772044-547cb317-ff1a-4d1f-893e-94ce7da37858.png
user-images.githubusercontent.com/56578913/ 		135 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772044-547cb317-ff1a-4d1f-893e-94ce7da37858.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
91646ad7616b3dc8e741bba8115e98c73478008c31d0c4ccc124adb057af98c6
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
56261bf68cafa1fcb258cee446d7c21c1bd119ee
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
137829
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:18 GMT
server
GitHub Cloud
x-timer
S1705504204.336405,VS0,VE759
etag
"570b0f634921ef43a2482e8100967d71"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772034-e3975d29-55a9-443e-991e-da209ec8ec74.png
user-images.githubusercontent.com/56578913/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772034-e3975d29-55a9-443e-991e-da209ec8ec74.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
f212cb39e6ab513d00fd32320d69f2f8841fa3175b2f9735b910fa818d9218be
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
6b9ce107e52de1e099e9c52791e659d8f96fa815
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
151065
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:16 GMT
server
GitHub Cloud
x-timer
S1705504204.336400,VS0,VE895
etag
"aea73b9857cf80e5d53ab9fb1855a83e"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772042-deb374ea-263d-402d-9765-1e0c59887413.png
user-images.githubusercontent.com/56578913/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772042-deb374ea-263d-402d-9765-1e0c59887413.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
8225101a9126f083f13d195309b9ac0250a44f2614240c2bf99575135d41cc2a
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
1d05e22498e3caf1f535c957c65cf21b64794505
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
143497
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:18 GMT
server
GitHub Cloud
x-timer
S1705504204.336373,VS0,VE778
etag
"ca1432920737f1196aa188bbec85e9e9"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772048-d4ae2666-5980-4052-892d-312fbc70ca38.png
user-images.githubusercontent.com/56578913/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772048-d4ae2666-5980-4052-892d-312fbc70ca38.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
3568df73646f1293690093987be25d4e1093490ffdaaae67f7df1e4cd24b3daa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
e091eee6135de5b30d295dc69d88d16ff0e44bb3
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
134113
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:19 GMT
server
GitHub Cloud
x-timer
S1705504204.336198,VS0,VE746
etag
"008115bd8d8d87a48f501db33ded1b76"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772024-bf876e5e-f8c1-4feb-ba34-d92e967b894a.png
user-images.githubusercontent.com/56578913/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772024-bf876e5e-f8c1-4feb-ba34-d92e967b894a.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
d621f700fc53936c24ba89acc2c9990fe9ab9f8278b999dbe86c35776bf55145
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
aeaeb6d3823e92841a7eac3a5fa198fd1860cbda
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
112058
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:14 GMT
server
GitHub Cloud
x-timer
S1705504204.336182,VS0,VE763
etag
"a3b128b21fd1ec02393b301fcf885e22"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772020-b77d826c-13dc-457e-91dc-153b1d52c7d3.png
user-images.githubusercontent.com/56578913/ 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772020-b77d826c-13dc-457e-91dc-153b1d52c7d3.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
d101da11bbbc29d5ab5fb660f968a4d49f63b25ce66577d10ec7bb8e576f9ab4
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
d5832ff5ac96d07a08d9b7e093ef77e2e157ff40
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
146045
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:14 GMT
server
GitHub Cloud
x-timer
S1705504204.336172,VS0,VE841
etag
"fd2b73933438a0ab3dfb5ac8a53d836e"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772015-967b8b5d-d487-41db-8605-57d7345800aa.png
user-images.githubusercontent.com/56578913/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772015-967b8b5d-d487-41db-8605-57d7345800aa.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
0ad172fa0a6b2994671e3fc1fcbb4c6095871df345ee14de6e06a4c771b96ae3
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
9d1431e907ca6482b1a1abca8f3ebbd15f667f4a
date
Wed, 17 Jan 2024 15:10:05 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
79076
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:13 GMT
server
GitHub Cloud
x-timer
S1705504204.391902,VS0,VE839
etag
"b87132d799753ebff0183482879e92dd"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
169772029-38aa8557-3124-448d-957a-4e9e5ad90407.png
user-images.githubusercontent.com/56578913/ 		109 KB
109 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-images.githubusercontent.com/56578913/169772029-38aa8557-3124-448d-957a-4e9e5ad90407.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub Cloud /
Resource Hash
b92e3b279a432124a580b446aa03604a19e0ce77bf5d3449420281068b069e27
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-fastly-request-id
f4bd6e6d2a6a5e669d6d930e6253dac97ba09a19
date
Wed, 17 Jan 2024 15:10:04 GMT
via
1.1 varnish
x-content-type-options
nosniff
content-security-policy
default-src 'none'; script-src 'none'; img-src 'self'; media-src 'self'; sandbox;
strict-transport-security
max-age=31536000; includeSubDomains
age
0
x-cache
MISS
content-length
111780
x-served-by
cache-sof1510029-SOF
last-modified
Mon, 23 May 2022 08:00:15 GMT
server
GitHub Cloud
x-timer
S1705504204.391989,VS0,VE413
etag
"870be106df9eee1583da8fed3d276cce"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
https://github.com
x-cache-hits
0
rum_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/ 		56 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0de7c1baa53cac77e11a5e964537c7b2e020c1abd1f8eda3570444527900e197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 22:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
59848
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22100
x-xss-protection
0
server
cafe
etag
8357267284043651653
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 22:32:36 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 277E 		372 KB
71 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&adk=1812271804&adf=3025194257&lmt=1705504204&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2F3seclab.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504203825&bpp=214&bdt=243&idt=524&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7814081595830&rume=1&frm=20&pv=2&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=541
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9eb3bf3e8c6ea320509db483e9e683ef91b7cbd05243f4b5768c4e315680aea1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
72564
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:05 GMT
expires
Wed, 17 Jan 2024 15:10:05 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2C2B 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6044993035a5c3b9ae5ae01dbd877ae12c7db7b9ce14537c9ba74149dc89c063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
15901
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:04 GMT
expires
Wed, 17 Jan 2024 15:10:04 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ajax-loader.gif
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ajax-loader.gif
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2929034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3208
last-modified
Mon, 04 May 2020 16:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fd5-1052"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jDcdLIdCrhJmgC7GrKJe6amCjZKtomjf0H3eHcHNbznKIQ9S%2Fe%2FzwPUaqyUhFg5vNc%2Bfn1XpHDUmt6PGsBLxz9VHt%2F7R24rBBPo0CMPWfJkZB5PluZu2pgflX1uO5I31ZFqEAHgFSENkBTStXKqf8sJ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
846f85dd8af637fd-FRA
expires
Mon, 06 Jan 2025 15:10:04 GMT
impl.20240116-10-RELEASE.js
cdn.taboola.com/libtrc/ 		835 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/3seconds-3seclab/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
72afec3698db07b794eebd045a464c969c7e4a0fbbd7cacc64ea63a41c2554f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
ahsTRc8v7lZn4KaIkAvcEZ3Y7tqK1kIf
content-encoding
br
via
1.1 varnish
date
Wed, 17 Jan 2024 15:10:04 GMT
x-amz-request-id
81T0MVTP66YYNE8F
age
16510
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
176756
x-amz-id-2
V0h9yQK69NT8vsKksVVL/FAYtycwZJ9i3j94g1XLKHV2e1AXmntywTIToMbHuqBB0OJd0dKzahQ=
x-served-by
cache-fra-etou8220093-FRA
last-modified
Tue, 16 Jan 2024 10:34:55 GMT
server
AmazonS3-br
x-timer
S1705504205.794617,VS0,VE0
etag
"c6f23726d4c9c98b8637964ab9544d5c"
vary
Accept-Encoding
content-type
application/javascript
abp
91
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
56485
afr.php
ads.eu.criteo.com/delivery/r/ Frame 5A3B 		139 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8813fcb15abbbd087e06127a9a31efeaf6a73a842c4571a29d54c98a967fb6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AV5FQwjvnEF7U5QrOUcAzCR16N1XVR6_EOUVjPbw5PcbqxC64dkQ1jXYexDQyBwI43S6NPzBn62SSrc0H35pF6BJbScEI3FLwZLmHoPzsFMqALJf5---XgwY-EZKMOnVj9ossspLrHSxIBYxOgfDEeDl0VdGUgiQTDeRXD0LDvLzCxd8Y2VwJIRwGgAiw30_gnYBG9uwjBQY_bk4rt43A4F4uxY0PlfNZcKbVaSGYW_IOVfWFO_WD_bi49IZhdZFWiNqUg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
68487524
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 2C2B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2334
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 2C2B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2C2B 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20240116-10-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
314451
expires
60
truncated
/ Frame 2C2B 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5971ff70f5dc3090e3f6d9ce048abb0f5d9c9ac8f871804aa3ead0f868768564

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 5A3B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 15:10:05 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5A3B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 15:10:05 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 5A3B 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 11 Jan 2025 15:10:05 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 5A3B 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Sat, 11 Jan 2025 15:10:05 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5A3B 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LZiAd96CE6D-1zVCyUDLT1rTLHT5e3tN8ICNBXNS9-L24CorvCvMBRlsXb5lYx5hxuJpsBUceGyRwgyucMftJP-tE6YNQvFY0G0OccZyTl-s6ZsMhFR8-5IPl3RosijHAE570Sa__LrC-qNusxnWrMVBfQq9HYIUECE6uyIAZja6qtiYEmC2qOaZULwTTFj2XMR69Glr9_B-_Hot3l8QlG9fXb3VUMNjmgHUAlQiO17GYCfjLPXb6ceoLnFOE7oiDIfUYy17ZmbTh3FEI0Fg-4GNbt0b3_m6tGfBHsyiKqnEjXo6q8PlP4Ecocvp6QSTXEal22PwEaK-X1d5csF7rvvSsRLAu29VwApeMBR8kgPj9FO3YHv3NXEuWlgwH4dPmOEV-yrtNr_UkNv_I42LZMC0LkobSL3RFeSMjX6QolDMR1CE
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1821007
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 5A3B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 15:10:05 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5A3B 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F105623%2F5022139%2F2ad0250af6b64105b12172cc0682064c_eu_oveckarna_vertikalni_hneda.png&v=3&w=528&rid=4&s=ivw_bvHA_3V0TvjH4yeRBukD
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
55005
expires
Mon, 06 Jan 2025 04:52:51 GMT
img
imageproxy.eu.criteo.net/img/ Frame 5A3B 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=105623&q=80&r=0&u=https%3A%2F%2Fstatic.oveckarna.cz%2Fdata%2Ftmp%2F102%2F6%2F8236_102.jpg%3F1635951174_2&v=3&w=800&rid=4&s=P5mhH5gFjmG1_jQYQfekpmb0&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
846dbf808016b540ed729ead9df2f8383bb04c9ccf9d579f5fcac922cbd53e01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
timing-allow-origin
*
content-length
12262
expires
Fri, 02 Feb 2024 12:26:32 GMT
all
csm.eu.criteo.net/ Frame 5A3B 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AV5FQwjvnEF7U5QrOUcAzCR16N1XVR6_EOUVjPbw5PcbqxC64dkQ1jXYexDQyBwI43S6NPzBn62SSrc0H35pF6BJbScEI3FLwZLmHoPzsFMqALJf5---XgwY-EZKMOnVj9ossspLrHSxIBYxOgfDEeDl0VdGUgiQTDeRXD0LDvLzCxd8Y2VwJIRwGgAiw30_gnYBG9uwjBQY_bk4rt43A4F4uxY0PlfNZcKbVaSGYW_IOVfWFO_WD_bi49IZhdZFWiNqUg&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5A3B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 15:10:05 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 5A3B 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 11 Jan 2025 15:10:05 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/ 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/reactive_library_fy2021.js?bust=31080431
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6aee84ab9563e65f689c6d05b07d5da21a8d34a04dba07b68fc557eeb9668452
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56396
x-xss-protection
0
server
cafe
etag
4498106406797597666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 561F 		134 KB
45 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b8e8b8ecb597ede4fe31689e6c8425d55b9001201cb381f40a72a027c093dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45712
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:06 GMT
expires
Wed, 17 Jan 2024 15:10:06 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 03EF 		35 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b43a44f0f7c4f1a4096d544d5722abcbc099f8e963aac2fd6be34d62dd8f311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14387
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:05 GMT
expires
Wed, 17 Jan 2024 15:10:05 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame 3A24 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 19:46:36 GMT
etag
9219409622527106327
expires
Tue, 30 Jan 2024 19:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame 8337 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 19:46:36 GMT
etag
9219409622527106327
expires
Tue, 30 Jan 2024 19:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame 9FE9 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 19:46:36 GMT
etag
9219409622527106327
expires
Tue, 30 Jan 2024 19:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/ Frame FC86 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
69809
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 19:46:36 GMT
etag
9219409622527106327
expires
Tue, 30 Jan 2024 19:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 2C2B 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPfknzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE2QFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtnkvGVLsJFIC1Y8DBgbVOpISgLLVGpr1vNGX7F-pwbnEqn0-IluBIgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzA1MjM4NDY1MDY2NjcyMRgA&sigh=LqFYhG8-XNA&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_vesiKV7J2F3t_ASV7f7VZD3DHQocx3w27t3Nk4NKiiU_jHCxhenE-QGA5dLQlhnXs1plPBra14UuojwT9nlgkM_CKyFSAyD_oksYAQ&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 15:10:05 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 2C2B 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ko7EGMz6RLAJmAKdg2ICAgAAAHvX53oanAFh08XqMRDM7adlpStT51MAETb3RAAAEgAACgpBUVVCQVFFQkFR&wp=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:04 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
142696
server
Kestrel
content-length
0
css2
fonts.googleapis.com/ Frame 3A24 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 15:06:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:10:05 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A24 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:40:51 GMT
x-content-type-options
nosniff
age
19754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 16 Jan 2025 09:40:51 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3A24 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:17:22 GMT
x-content-type-options
nosniff
age
46363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 16 Jan 2025 02:17:22 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/ Frame 3A24 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
84463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 15:42:22 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/ Frame 3A24 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:42:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
84463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 15:42:22 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FFF6 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNUpgrBBLWkigMvXQkDdzwDS8aC-B_qik7x_gIBgZgzNGUjiRCVuP6o6j_e4OlY2EELTu5z-Gjq2sPQeSgCv_XTXSXhnryJ96k9Ehf6VWh_Cu5q-Pb9UkQnyNr3lo9bd9WyGUdfH_9odkbB4Usi-kRdcRw-2mJY7KL0dNyFza_vNwAZZ3kk
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:05 GMT
expires
Wed, 17 Jan 2024 15:10:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F18A 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame F18A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame F18A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F18A 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F18A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BE-oQLsU9u8aFjM1mb7zCzWWz6gCCQDMJSUdFlVroKJMgMWl04YYz_dN0XabMOK0w9wvJ9Ds2ypPjXgFVftWmq62ohtZiiUR1Z8hc1IiRaPXGbzh0
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 97A2 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNXwhLqRBOkJsgel1XP2ETh-xrt5lKlOPXT42jRxnoAs7o7jZxxyEUT3FlL2yoduQSynPg8OYyyqpAIYJLXZbNTIiSIyzZLYg-0BuPuq3R46-srKEuSCtoCqDlCp8yLdw0gG_h3gzm6_lSGOIy90wtXIeTPFkNcmbZZQXULwhmjIYcbdd0E
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:05 GMT
expires
Wed, 17 Jan 2024 15:10:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4145 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 4145 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 4145 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4145 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4145 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1CBitCjh6skKTvZlycyxMKVxRIbq4Y0CiQHKxVj1w9PJMQh2caXQR5Rnh-AvlPLBoJ9vXUrIXaDMb1MK9xAehn2UfwTvbPnkvhMle-hA7Sc6VR0k
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5ACE 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNXLA_RXSJldRjqUgGP0z4hXZ6CwbhGVSMUhCSu2xPfWDb3lQyEBaqSpVkVtvsE6Vw_MJ_7iHVWb5pVtzMMWyU0jmHPeeF12g7RF_kpWotq9ddhveRS6gz0v_9a1vrlFiViCX8KtwLM7gmaIm7mDJg3nNtnsbWpcLu2HTPBje9uJ7ny3wN8
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:05 GMT
expires
Wed, 17 Jan 2024 15:10:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame C551 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame C551 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame C551 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C551 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C551 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkgnWFE3T7gj5KYbcKked3XZgAn768fx0Prre0G8oGShKKJ0-nEH6OYMKoV_o4JyyoKtKNSfw-MGw63QPmK4DaEpJzmizL8iUTgclL7aDiOYxj3FY
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FFF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDT2T2jmCq1gCQfLxyF11rw&google_cver=1
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDT2T2jmCq1gCQfLxyF11rw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNUpgrBBLWkigMvXQkDdzwDS8aC-B_qik7x_gIBgZgzNGUjiRCVuP6o6j_e4OlY2EELTu5z-Gjq2sPQeSgCv_XTXSXhnryJ96k9Ehf6VWh_Cu5q-Pb9UkQnyNr3lo9bd9WyGUdfH_9odkbB4Usi-kRdcRw-2mJY7KL0dNyFza_vNwAZZ3kk
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAvCBHEhFkS1kuAL65x4DGWam5QpevXE2T0r6uGn3BzXkVOEX5JcLbqrQDiIufYyhMTyAjB3Pg1LTkFqRuO6HozUviQfnAp41miUJYMZFFZ3QlwdFn5S7eF7tXn5SVP4iiEj0ZWKU63iag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e5c8624516-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDT2T2jmCq1gCQfLxyF11rw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FFF6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzbSKeWwN67RCUif7OQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNUpgrBBLWkigMvXQkDdzwDS8aC-B_qik7x_gIBgZgzNGUjiRCVuP6o6j_e4OlY2EELTu5z-Gjq2sPQeSgCv_XTXSXhnryJ96k9Ehf6VWh_Cu5q-Pb9UkQnyNr3lo9bd9WyGUdfH_9odkbB4Usi-kRdcRw-2mJY7KL0dNyFza_vNwAZZ3kk
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G95kL%2BSEkg1J3SXBm3DSDWBQiClMHHE4KOVSFUXDaQtNQHZ%2Bn6UmP9cCSY8O1MX8m9vbPf3vgtmmfXcOmcZWEGIVIAk0bGdE8RM8l05bn66%2F59tndyfnZ5izC%2F5JWGuP7lVUy9%2FXkx792g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e68dee451c-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FFF6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEMEFyzo_2zG3LAo1py0FNIw&google_cver=1
43 B
1007 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEMEFyzo_2zG3LAo1py0FNIw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNUpgrBBLWkigMvXQkDdzwDS8aC-B_qik7x_gIBgZgzNGUjiRCVuP6o6j_e4OlY2EELTu5z-Gjq2sPQeSgCv_XTXSXhnryJ96k9Ehf6VWh_Cu5q-Pb9UkQnyNr3lo9bd9WyGUdfH_9odkbB4Usi-kRdcRw-2mJY7KL0dNyFza_vNwAZZ3kk
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
an-x-request-uuid
ded3f334-6649-4eb3-b1c1-55f371fa8afe
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEMEFyzo_2zG3LAo1py0FNIw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FFF6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmL35xgEwAQ&v=APEucNUpgrBBLWkigMvXQkDdzwDS8aC-B_qik7x_gIBgZgzNGUjiRCVuP6o6j_e4OlY2EELTu5z-Gjq2sPQeSgCv_XTXSXhnryJ96k9Ehf6VWh_Cu5q-Pb9UkQnyNr3lo9bd9WyGUdfH_9odkbB4Usi-kRdcRw-2mJY7KL0dNyFza_vNwAZZ3kk
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
an-x-request-uuid
8adf6d44-8dfa-4f5a-815c-4f56e16873cf
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 2C2B 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2174
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
css
fonts.googleapis.com/ Frame C597 		2 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 14:39:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:10:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame C597 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:23:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
45979
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 02:23:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame C597 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame C597 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame C597 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
585
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame C597 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:05 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame C597 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 Apr 2024 19:19:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F18A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6667094013623&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F18A 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6667094013623&version=m202309260101&ct=76&x=1&cor=18129108834150730000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F18A 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1098E40vrGlyQyIE1GHlzkZTKbILy7PdfZQK_vsp-UxaqmTfGdy-6NmyLrSmx2lr6RMP1VYFAgdeTDIp8AbZ7ywhOT2YjJ6PPwZygSx6EcWJU5prG5BI9dKTwFy4FvcBPkfkIrpmMOh1G-ythg858VnOhRazXqACDE6jA0DbPLM8_P30jmAjkH8a0pNEQ2MGWFugm&dbm_d=AKAmf-BOovDSz8lewjxTZbZhmpg_K9r-fvjBxPkE1AzkSKNMqbu7kLOXNPBMXINi2-KkejBsdBanjSD6m9b2cODbuhqjfQNSIFRGWyFtWuKEU9xpS7MMtnCM59jZb4FXk3zHjy140DJ_hM5Go5M9jCfaBRt0QX91AKJBqaW0h97-1CSDJoEU8J5WQmpeUVucPy2aEDas6Q5YSZ5CL42b4EyXyT9nZjFvNckj7Uro4y92CMHxOT26gSrQWEXur2nv9ABGvOTEKg2Y1kZBK9ZDCuo2QAGA1Ie46mEa5tDlyOBkJPUNidwwgCItkA7Q_ZaHWE8b7KTIfphD9_KUgJ5gWQQNE0fFkkG8MjSl2G3iPsmA77_8Y6xWU-a9Rg_wjSpbQsbVtUT9YNoSK8NGax7yv1HhVA-GdapgBNfEsccqnitQD77W4Poh43CeeITKNMqhPYUyCc54zyOMYoKaTGjtffdACr8VR-JCB1ZMg1JEKchCSVoad4oKQYah4mqMCsyzKiCDU_YwWh033bg4Js8jP8gmdrgpEt-LMdlkbacS_cpURHAyMSc2oqMQZSMnJ6XFUo15k488gK2GSUf_hHXFk68ReRVHQd0kdsTf9V2sPSpmDkBSavcSZ4T-7Pg4kjO4fc4OmgFBf-hlYDAlYNqwjeoxzMp_nkpsSD8PAanSkbLFlcKKbfAq-dOTAaFShggmIqEE_Aj8kbHUDRz4lP1XkUDwTgKIlZQyMWLCvR19a2O--K6bEgAZ8qkVJyXRMannrbzCwHU3sbhUlonF8iglAJaTdgJfefbUwq9mbfWyAEDISo8ghfVas2HTlqtA2jep21UEde9v37IkShOQkjNBGrObf4A5DlZAgWSJrOUVwaRb7ABrJqHEfEk2mOpsUvJ0WRLWRxbSWhWHxEazYMwnipuk8mgHd2VtGKA3h_iNzL-fshOvILUVQ2JrxbXCYC2aI38Ee6jnZhtqHYxo-Lw3OVMkQI0Kkc1L3Io0t_UvOXUeXvYja4Tf25ihJrZN99cX_whPPf-6rbtvL31dM5u3VBbtO2Eao-lFZO2Nn_jH9XAQXCIEcddNxHLd-CsFoOPtIp4uEsIwtHpdMb3tZKZ-pJX8wYnv2D1Yk0jsjZccDe50A5BknbGCXEpDlC59xVddpE4On4I862GM4meOFqQxlDboR_iwr4S1GYxR3B07Fbo0htRI564QeHVtTRCX6Fefdf4ATDihfFKDj4wtQAO4stqCUVLqR2SV9a4v22j-oqlUUz2hz1x3YhJ8MtcmjgWfV4NXLda9OGRBi-Mb-gagIJhceChL_VWtnfDO5RRzIwOk7gf56rCwXuNPHQU4WoO5ALnKV9XsxOgXITcMHA9WTJVS-A3jX8TUUGTb51DKfGsRxlsmKCstGsAajsd6cF4anXr4wwrz1XEYYFVOP3LqWZzbhcaNErgR_jgBq2UyoiP1j04rrTTfXnfN5dgDxIBgj8d_FRglJuVeEk5LqeVbLN1clYIqsmeenq0Lqle7NFwUI8sTskcOKs1S85-Q7rWrLwWl3eYddf5Kuv1CwLUEUPcqCb3lz_fWLIaFWOX90iBh3VP-C8UdO2s8I1gAesWXPOGPRkf0S9znCYGiqc-1aYgFN_KLyVxVgzr-pnHcolT93pMr9G7hsWBt_USXzybeg-BUjq66bs6UkqCX3X5BOBTE3cWIcSmn_9YcOQ8L1A-RidNdQzQ9LD-3Ev9i2UW8qW8tB2PbZiT9LYy84J0ReQzoYBPw1KYjzZ9exXAWZYTiiywJ_2lUL2aPl9wLpmqezt0djQ-g-8fQhSunTT4PPSSPDFVT66qOk4mUZVnNvxnXD7-9_x9Fc5q0nyIXgZBwTyOIqMxiuaEwo-8XZX0YHKNDxBANTYuE_6rM02tLZf8p_Lre-9t5TCvpUxajf8F9odQ4VT7DUtuzsViOzyOkrxlrBJ58Aoq2aSzI3MMiojOSOg4te_w_zMuXoK2AQek2sLoaV4_4wtQjsYx5oWXju9bkxsFmOP8qIhrlTvLrVbASMNnJ4Ituw6YqFWVdPV_pfn1WnW2Q9rFWsst7CwXXRRLVPp8QB-oN6v1xKkiINfnNm1Weop2Q6KmEwn8rpi3oMPuYrEvrqSyY6teGv74K9XClq505HipBLahBkPKk0DgsEIXGev9TVhMsLpeXDMawQcPKKNs9gZkdAV3gTki4eUT_hzN9YuOy-9OkzNq68ms9pP7jqBqn0WgMJ2KtJhccKhBSF7nNE3RInOGoAQo3a7RWUxkJNsKZEUdfk6QfIufXszgKFwupMW6qghFkIztlijqrQ2gvfA4SSsP_CCew_A7NnWR2DPmZKQ4wioMOikutPZVEY0FIb2Cdzrl97C7_McQr-hGukI8skBnSvegHhBobojTP3S21OJ-VkG0jxc0VF5ZCJCbTovs260eenpKyUe10ZGDlitYYhvZWW0HoAqzgDvmTHOabvoFk5suXA6bkp9z_I-6jEyiHjBvtwJLIki24dvAjDsthidRUhT5ImufEWaWVw72kyad1SkATeoA3zYy7cwdcWf2PJHxyd11nTvYTTzE4wB6DoUW1IUPetwTgJ7JqrU1D4WUWENcujQHK8qPL6p46yo2YVHVMVj6JSOcIdBlsNnwest50JIHh0-ZK6AcsqjndY3V8ocwsBXZVDuznWhKBHCKrlecV3WsMyW3s9V-JcclBHhXP6oMVyKam3sSCxbWEYuz51djO0Dnix9nRivGFVaUiDJD0IvkdpY4MBTPKOGF6fsA-3AEtdHGgwUTUn77Bbz06c2iEQ8MdbrudUGtAeh7K4sPSwD8zd1RX4YoQ1XHTClcsfNmVfJBOY05osMD715lZOa75OFZ6wSh3Ap_faNKtLA7BtdmWJ_TZSioDgGWa9WT2eY1Ncv5akCB6gTR0ugz6VI9hqKRaX_JihBUVCnofcmX4_l4vjvn94Jdfdzi1b30ApRStlQdKRWjYz28nV7bYODNyZWkbJVd1V88TR5gnHmErShUWo6LB-BZZlEQQokjGWwnFO85gFvZzWlqv2bNva4Pwlq0_5-8fSOJWcagMIpLGcZ4gve_dV-52_-fKQQJ7hHbIpDUngVSCszvl-8KoUYMl4DFeej1FpDDdfuJWLflsdt0hvzVf4cjyyenWD36kb_7uUl0JiJczs3DggerrxnQkYTUh0x5Q7tKTBhBA5oKZBx7TiobaV_tfpGgmBzQiTUC3kqiTc9KS7mKUYr-suw8g_583LwObSoFUogwqVyhqhbPfkjgsQSQ14zleLuxQUDjP1hptlXfkxef-XFz78NoCqPBaAZzgqaLv_wbgDikDshuakMyMt2j7GjJBk1OhprF2FUWsVQ27_yysoNXhHpLt9caP1GlINt3_cpmHlZ5rR75a14pz2cOHID2vT-0Mg4jzAajhySlVeduzJeRcXBz5W-tHt0Xzi6hRvQPWixu-N6Pc3ToDC5KpmDYxNPcmMPdRC3kk3uzDE4PpJUjT2fHX8Gp5oDFM7mNAi2kcZ5d40YgP9Hys7fFrLWdX1pdIZxT2HEcvu16FVZZ1iZSNg0F2duRTxK_dnWY7Jdt2V5YXfWNiu9AN044FW9EkF--ba1HVmxWz0VzXGLCwZMzqdQnPzaEVpF5D604M-x6pRi2U0wSpfDRrtQIAZXyY&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=18129108834150730000&adk=521587873&idt=87&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
503c8931cb5a8d976b52e148531fd9d93c8111df465df51226e01e858dc82f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40014
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 97A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEQJuOiOe3UA-EUc_UMfoA&google_cver=1
43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEQJuOiOe3UA-EUc_UMfoA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNXwhLqRBOkJsgel1XP2ETh-xrt5lKlOPXT42jRxnoAs7o7jZxxyEUT3FlL2yoduQSynPg8OYyyqpAIYJLXZbNTIiSIyzZLYg-0BuPuq3R46-srKEuSCtoCqDlCp8yLdw0gG_h3gzm6_lSGOIy90wtXIeTPFkNcmbZZQXULwhmjIYcbdd0E
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkcBXK9X1RQq666%2Bn0QxcwnQ2BYJIYPF36JSI%2F%2FlXeIGsFwjbNolv2zuRva6DvO9OuJhMrMIidkHAvNWFzhgpiFmkpgQcuSXSNgAUaivj%2FS9IWYpKMf8lVW3ohSRaDjVfp%2FvSox1ghq1Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e5c85e4516-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIEQJuOiOe3UA-EUc_UMfoA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 97A2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzYCNVkzpUeaiHYkyzAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
43 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNXwhLqRBOkJsgel1XP2ETh-xrt5lKlOPXT42jRxnoAs7o7jZxxyEUT3FlL2yoduQSynPg8OYyyqpAIYJLXZbNTIiSIyzZLYg-0BuPuq3R46-srKEuSCtoCqDlCp8yLdw0gG_h3gzm6_lSGOIy90wtXIeTPFkNcmbZZQXULwhmjIYcbdd0E
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEPxitZIX%2Fa6HtJqlNpMJki0STC7VENjDb6GShLaS9PXGgi0fCnAkEBsKXj0gn6HQ3hhoJb%2FYrxeqT4R1Rn56lnAIIcIrGXvQIEsoh22Tj%2FDjuT1UzvL5P0RqEmVveslDoTFeX3fu2S8hg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e68deb451c-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 97A2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAmJXALEgW7pf9RypHyBMI0&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAmJXALEgW7pf9RypHyBMI0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNXwhLqRBOkJsgel1XP2ETh-xrt5lKlOPXT42jRxnoAs7o7jZxxyEUT3FlL2yoduQSynPg8OYyyqpAIYJLXZbNTIiSIyzZLYg-0BuPuq3R46-srKEuSCtoCqDlCp8yLdw0gG_h3gzm6_lSGOIy90wtXIeTPFkNcmbZZQXULwhmjIYcbdd0E
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
an-x-request-uuid
23bf2218-5df7-411d-88e2-5781da4d073b
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAmJXALEgW7pf9RypHyBMI0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 97A2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsY8rvx0wEwAQ&v=APEucNXwhLqRBOkJsgel1XP2ETh-xrt5lKlOPXT42jRxnoAs7o7jZxxyEUT3FlL2yoduQSynPg8OYyyqpAIYJLXZbNTIiSIyzZLYg-0BuPuq3R46-srKEuSCtoCqDlCp8yLdw0gG_h3gzm6_lSGOIy90wtXIeTPFkNcmbZZQXULwhmjIYcbdd0E
Protocol
H2
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
an-x-request-uuid
ca880ca5-1864-4e25-b119-286d5f5f9f16
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4145 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5547882057095&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4145 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5547882057095&version=m202309260101&ct=76&x=1&cor=72415186287961570
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4145 		105 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D14lq6yh-pE0d1a9YjQUSTGnk2RSmZmx2GsM_JR8PUTQSG--YJpA7FK5pSdaj518PjDFoSqF9kn1hJHszULGZwO3Odw9v75XKn9U5wxrpp6ubNd2bOf40A1Il5A0x-8aAQyknXxxX3KnwdcA5XoO2MTnhao9CtdpGSbBxa6W5gFPhZuCKoUHy3kNds7HLIxwzuIviT&dbm_d=AKAmf-AzpfG5LDgSaRXl2UPMJJD43u51MyWwr_T8UWOwuEjSy_WJYnUk5cTTMa5tDDY0b3HIqgBbJB44PeE_LBe24IpYLMkxH4iSZsVsnOIVZmaIzlzMugSWvOLgKg0QdxdCoalJUCxi1pxkHWXdkW0w_mIiTznp14CyKhNJylPkKmTR3Gsc7VZ3Weu1Ik13Sk9LD26mK-FpdmZR7l8VADqVuO0-AiCXIA5WRDovHoPuwR-PRVbaJrH8AlVSHe53OxD1fYGDcShaxE2cv8RUevNK1c9cWMcacGiV0Wpfv8uJIqHm1tiBIVV4STSptcOxiauLz1fSvBQP8s5gr63BX6Y1lEIU0TXcm46euh9uvLv9bGgkyWP2g1T1g6Lv6DTKCwYckesmkOD_aZLk1mdxzGuF8mLNs-1-f1jBpfBbv4g_FItKecGl7JMc4I55TJzqjvL7FehsTdTOX1oYgjg_FQwOFRz-p8YpBYyi5lHuBMl04obNGUKUOEAENwduhPQRMRt2xRP3IkwXFYSz4mQVzBGUA25VNj9jDptsqSAuB9-j86VodVsl69pZuTWvW5xSURtjaG5CHCqaxZvJzDrH-5hDEeQsxcDSmenMyJhrOHatmVrpbgIJQqKP0-QXUtnXTK-9T0shdGOszPGUJB-ycK3KwFWWrumWoMRZMYKUMkPUyzOVlCAl2CCHkmPi0Lt3LynYEsZPhbJG6Mj90t9ajx2Wbmd1nA1oOppgTpNTDs4Gw2ySmm28o_3zqIB5nGoxiXVRqplip-UjqT98PdFTCLm9IQv4vyDGdCihYY2kEft6aK0RKxNMfU34jkoLWUbAnK9FfVl5jYrFPRPJtEVhTeJ9nYI1FmYuAYJMOu8kfJUcYB9Gcs0dTKoNJd0rjTRLCOGj7WvOppAxuOb_PAvHixwfZw0Xh51NjYRXrBv2ZObvvwHEAKgLjV5vquDyOaPNlyeqRNyhOB62WpEwXzqfijoBOD8mrE38AmRrk0RcLDvSRsWqV8ynSXLJXfVvWh47i-Q7Y4Sq1GUvYmYsxkne-RQNNGl0BhfvLG9FJWcIhhT-WnAUUrjFDU_xaky6ESQv-a5DaXgBsnECyVM-u6P58AMBIDZ88q3m5LkHvm81hUurokUSGED-CcjnwqBPIXOFzz6dasGS5dtwKeGld9zG-3p3xv79c67XPT_AKkNJgGxElLguM-WwweAx1VTa2k3xcpD2C9nG47ieWpNrRaeCwJhjUZivIGZJV-TSEk5AjTMooegUjz4GBdbXruMvwdcPdEKoyyg2wHeSBmAtOjYRx0WB_Ap7Y8QOedKgZ1f3fFryTfAZ47EVSpbMCxkna3uVMkQq-qxtZiLl4AD0buwZB0cAxtgeN3ZUwFFZya0a5Tsby3CTeDy6Ho4SDN4pEDaKjp0yVBtIBs8v5KCm_AR2hv28hGrG48oaZdOLQwRk_p_WDgmLqPK2Rsbdq16QIvJdqfFkliY0tW69hTw7ZNw7LhPp3QpUKXxt4qlLy621IrfiMaAlvH8bzU3TXPtD_TMKIfNQmTTEf1cctSuqk03P9rFBVTEeC8Xf69p0bWIozRI_MDZ_SZx6P38-NYh9ujtnK5d3RHM7g_w07E9DjyrhhoXHHGscVnVpAh9WL2VXsk7K6O6nxe4dDnHIyEDB-B-LiPn5rVvCPKQJmj0YMUYBGFswHYNsiW8Tx2tJ-v4TJhv52ycKkq1zTLy_q0m_7eaW2M6bduK0GfnGo-0y1x-q9nYNEF89o50LxKMdtYFcA0OE6VeHd0kSrTO3IdtfK0vIiy57nMo0utIaEYnP5pvAk50-d4l0qFw3ahFnrHz0nQOCS6L_n6tIJOAh93cddiSGjzFaE7nBg5D-qGUc6xF31QEJcvjfG_L6LzzMfukKmMmfeR4fDJWgqa4-TLW4UIuPivrVLu1Ft4wOQpa1M3M2lP4UqO7esnJvWk7J6Q1n8z1R9fTAUIvCibhFJCYpMtLUNMYRuXre1GmoH_grbYXoSoVNUf4bkIklh8Hy6YAJptXY6Pu1YLpPTtrOnzezGNuaLP-ixq7bG-sGLXb5BOlNuP3TSRg4Epobq5-Fi7bh2_IY-EdvYcPQtkeYrgjLfzvgcP4LLno6NSz4CsJlPa0Mh6lpu999vnsIHsYxDTETQTdzLVHr7TtHsIWFVu_WUgddxd2RNdhBQUQumRBBViz2z9G7NJvz_TC4_ALrelMg7ZIM-nQAf8SwvFbzl3uuXJzxxdz5QMHTKDpWQZUcK9RMaCJvVEBuEd8QRPgr_16Po7DvMU81xKtILf9DkgBHVpSVtDfOtpBfxOebn4zdOmmhjq0ok7q_HD48Vpsd4oBGCSZLUL6kOJp6niclrFogTPy3oDFGYXy-OGdF4NHsT62J8sMb66EOf505zNm0SStUu_cHWEcxxP45i-msuhfvrgPl5bvupMSKxEWkGWtX812jiMymgI8_J646DDpTgHRKUR04KmfIPchlAFD2Z6rqn2Zdy0JOzWdaze3yDX24n5u_Heg9uvNM61uReK5uhLPufUFRporAl-ytimERwQmIFsBoN206eOXNmYkgs91mqmTW3wagDdEjv6KH3TbSmWFSA73XJTnTFbnvj6_MwxshJUWHOfQWYqnzBsoxoYYMUoec91WvuYl-tdxiCxJpcifFtOryolsALj3tlxBWQRqDOSUyQ6tFF2vSM1fOTA4wAROCTPGGLkTVz_W01obFYVOLwhMaDZlLLb_RNGtFz13_9qlnqpAWomAHVq0J568UUYeHi4vcV1DYq-uI4-vls4VzLap5zDItJSMECGnKyfNAJh4N4DCwQi-Sp-S2X51zxdikgy7BOghlnhB74fGVWKbyjHsNy0Fk9EM5F9H512rQCHbDdUR0EB1w6J1zoS-rz3eFxLalVgw4FrnLbW7Kw4OjD_gZkLUfN3TSAWqbi-UMn1a8qf4VfSN6I0RoVG4yxeFQngRW_9GH96wHNWZHnYdj3VelGL4dInYJbXwU2hjoPoHAAtjXf3F2-Nfz9nFd30SakTmj5WOFelDWe8tJFXenNUscD6-EjogEsaJ3eSnpRjTMUy0r4wN-IaDItYYkT0MX8yPc9MxlFT7jDCoZKn3XWuC-d0jR9IcT5o_P5aW53gQmq7Z1EGKPe8trpS8PoIcueY37vHxnWwRibGmkjuP-dZ-OT-kW_ToFPb4fglF9yBojf6t5tE2Fe0xuCqalnc30Iq3Px8OChmv3l7Z2YTyC5Db4VmRiZl87WG9DG6FDlUfOo4K2SiaIio4hwIE0j5Ed4SMQEAdFPT__OtjqewLhRUr7D324dAIxQ-gfg80qnkZzmMnFHOC4CgBfBnt9QUJrwjyucKC4YqwhVFLc-VflIxAGg7yfuk4J6mq-SIJY7aeygtq7jD5cLYqw0Vz_Ni5aO2dPLDyEZMrdzfNR9ytExMaHDFevVk4NDLuX6aA2jR2VgDYbwvMIFbf9UesMzjyZUtbwImlPED3AbePr-le1s_c1ZWNLDf_EYnpfju_vlTuamruhxN9yxGkyTa5vuFGE1tC_DHpr9dova1JgKcGNEfW1TXcRcLk3jgadKJX_7JJs61AuIg5cLmzYcXMiXMhl_SyBKl2cj44QC-HaBYxZ7_Fa1AO5mXUnUdE&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=72415186287961570&adk=1877897942&idt=119&cac=0&dtd=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eff7ff2359783849ffbde9a53c7243fb15a82e7aca5c9f9ceeb8f48b2adf1e6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C551 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7999179386363&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C551 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7999179386363&version=m202309260101&ct=76&x=1&cor=13293513632237795000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame C551 		101 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxVTwUddf_h6CCgk5Vr_Fk_ox8Igoyl14Z2QhRQSbvjmFQ6Kx4zJc663Zx84PCr_Wpy8P09uN_aQDlkD87AmhI2Dlg16b1czXpxquAowyE2WHmLOtbHZ7w9KZ1qQVEBlC2wc00Gtt3EcmZ03oN1ALKCOjVLCIf-KjbcQG-QdknOg_1T4mGymeGLsGe5Aq9Kgwztu9g&dbm_d=AKAmf-D20kE5Adl0IyoIHVG99vR9QoCBK03nZ6j8OyyJwDB0aVW4MWPaWXRauBLWr_ZnkKvrLRE7dVCWPuhqsyfgwliMJnv0WrturqAPIl5P964P3xnPE7HR3N0KzENqDgCPZE0nEcg5-6lRvZfxAJVoTvJUB8XNA-JaUU1o4m2xE11JHp0dTU_HDTen3vLB-y0xX7OqCAla4Lcw-vd-pfniYL5TMM8hn2g4Az_Rnl01Zrp0Ihm5KysDKrkfd1iD4ncLbP6TC67OTLRXyMwi3VpmsNwaz4OA-TCwoz3se44HUJe_HF7htszORNSRERVPxdyzBysqMXheV27gotd2iF4Wit-6hE9WtCTBGMle2bJETAuqE-WPS-Csv8wk6Oq2MohsQY4wvnfsTlTpitAB6LVwdyrx3aenjZtRYYUfITKtk6hphhTkVn4fqyFKALXZit9XjMIbpG90W3OFMLMCrLBwyNa8enteI_k7sMKAZLshpprzixp9wP8qsKVMfLJIZjZw6Xi7UBPOhwnn8mp9UFvsIqdTYVubY5bt7Rl2i3ZP4mwHteZYZC7ofezcfMLSTTNwLz_bJxmmN_9lgICziSaLpAYodp4WTcs4rbmj7VMBxyfbQEiPsMTB9gtfoXHwvJVieeaxFhcIgyko-wvpznkUORH4j-LzjZFpquIT7yo84o8tjW-1Tx-U0yzouaegPF3RqD68aLeaoAMF94ujLHjgCTH4K0-HcGpr7Edki5VhNp8xM0py_tY2MMo3QbutJIDG-G7jqxTUKwDlPkRYA-jCVrVjUdaguUrvQ1AafV-lq-Kh28OVC0zEAYltfoiHkR-mmvQICFklfQbfzFAs6SxHkdpp6X600lchTSF7Me6ppysQLr1Ez0DDYIfD-9OKxdPOYkNgZKUK3ALlYLZvqaUckU3T7a59yiMUFif6JVCN-7RbVfN1W5pU1cqQZK9RPHGbkqubYeKCYpL_o9vp-AyH2ccLSnFe_pxEjj_Uq5CBwJfnNAwLeAVP7SP7_GXkXywu4DcquuuhgMJvZShq6yAteX6k9ti4d4u_x582AzBAizTzMa52D6_8hKe0jw1l4HSreA9qNJ8xAVDOKAUH0jRJ_C4NGyuzrrnKKLIy4z2S_fimmv7fREtPcdfnfvJiRVNpqXutVxiwlQRld0tOXqzprbvKaE9Efp-UEMusbKk0B9ibXjlKt9fgO7rhLTErwAbiJJgmVdCwM2jMtQ150fo1-WnnI-27D8n0TKNpjpg45PsnwQo6fQIsdAVXCk2Loxm96iYag3mqD9oN0SWKFX7s2Rv-TEJZve7QX5XgMUwQSUOk5gRc_szNXCJtc6mwcKumyBC7ANlTDFi5LpNzZVt7YVOC0-faOlU8_EaMt4vVc8CBhHOXLi2yVBqxOY64H0Hucf66oq-4OyI50cusFpuawcCSt2h_DdsheXtHXHyQsYuWEnrNun0F-sRYy1ZiY2uPDFc6ahKQmlL1bQ7Pc67FpgrUI6W7mLpFgaflH23w_3jcKUnhgmGOncrb4lmYIKwZktG3gFK-Cul4sjVG-1F9V3hvsV_SgD8jsfA61Ly3yYsBA2OtFZMUUfxkQk348X0EjVejAcuibFkTOXptwXilhwVO78wHL_lD4P1bAOCE4NnDdFp0RFDqvM1YmNEVwsy9F6Q_91-PSnp7d0KldUgra106hJcTI9td8ERUiz9Lw7QPckLL_bJaRVpSAxV7Ls9usYkpwkE0Vvj3S6ZxN1uRSbm5T9ajvBc9TOQUQzkun6sZ_T0huQH6T6JZyPiTU9xvV4Tw5U0lcXFdA2JWth9caUB_azNgtB2LEBHyEOho0YuQstKZtfiGeKqt8eT-ACGU296kf1YjTVptJ1HDWEmJ7MqTJOsqwFJl0NK76lsLILY_9Q8G-zSEPZfjrq8ipQd-SuI89lRK7MjilozySnFIOb5sdOFx5jClfr5-mJxmLHwNjYVGq9heca4aQ3-7lPbmLtpGdgcAIJkY7MnUITHjKMMo0qeRnOqZ4nufRJ9gHKSKFls0tu6QjGfsMNrEMt2KB9QBHuQWyY_J1jxnKi0Ki6RAVmemy47MgL3vFGo4hoZcTo3-_8mD3nxAMsu_o3z71NC2__-POEOCvRpqUfVjFCiGblIBbK2sh7a44a2_rsuKw7muGW7fO0LPK4ZBN8E-rrhGJcmaJSeiugsrLA_aaBmmT3IA_jS9ElT6tz1EBggBCWrJtLMcixhxSxHmn9c2XG9p1D9Yehxx28PRfToIiovHOVx1dskAmxj_9ENK0-VO1iwX70INvoqk4Cb89vASDph2f--2iFqepWPQiUlrjjFzwsTddmg-Mm9enGOH0-8BMA1homKXmgXhyE0v8PRUTNmew-7QGvgayoTTH6NCXQuLUC7-jQCXjxaUxPeNPv3yLJZgP0X7oXgx35-HFhzAjfiKJRrvumA_tbj9yaOe2yMb8rQog7p6Y0rbaHv-hXHCKvNLqElnFZt9UM1dZU5EewhmQPWJZVtFRucC-CRoc6kRLP2g_ve_YZfnmfhUq8vlLSavPHlGH43yLoNyBRMfmpoM8Rl0BIAoJ7bdMCxbAdA9k9UA0ChcctndS7UXcFaJXxUE5sk5OpiyDIPPZVcFsQGX-L7sojZYTes6VhCklXqhaUZRJOP1ifZPUxiMRlYIF6csMQSE1qafl03GWjp_L9gmoifMh8Zf0aoULd9aMi558k0sczUkiC1X02AC-2pXJuBeyZWGmlzD1KI8uCFdywEjPv82ZycbzkUkA1k8YwROE7iMRT3aAUGfwnoohM4BIVrtnHLrH1Mmwgqg_xsugCfkyBta8xvVRZynSXKp4DkPcMO1WrE_yqlNIjOWmehuNpfeVhNyYrYq7vP7sGwv5tNdVKdolNRorVdwXmo-tUAb49UrBzl3EGLNirEFiocnP285EW9GO6ak0ntez8awx8Gu_DasWLLQCZij0mV4cLmjE5UfEofvixtvcnSbiQl6-aBteeax2uJkKlawQUlj0eFUyBq64HnPTnpNyXOo9Rxbnd9KOAoV1SRhkSfaadg1Nq0puPJ279b4LtWHNaV9eSsRqAlE4QA-NyfDz7ooL-Koc-BRbgKBN5DpcBBu5jYYLtK4uL5xgOMCFQgg2cekuL7lW5XPE-RRK2f3qWlpSSKzTBemX3XDZsW1RrrpzW4jDCg64CcGBcjN2XbIwQ1L2d8tsGowAcTRLMJ8iYrTypPR-a25O5iDEKiGvykNSW1ewzLmmBv5u1AUOT9rI4qs7S5akhm1aXS5YiGkp87T7cAE7vjicoc1wXqhPClOLgXU8jLk6KR8-dSiHAEEaUSXYZHgDMPcfbtBRJfLnlYYRfthbgiLYj4uew_QDK1YTxKOu-0ap686e-K96uFXhbYAnAP97KATp1ygKHCr_AJ-vGOn9Qy82BdcFOjmwgVHPcHc0R33su1xQVa3JUk-IYjSZTV8C4vwNoyyPNLBxu9RYM30jHNHOcF8Idi0IeZxix5y8h0oIWDeQS5eG_2Lb06_gwi-TbgsmMhVrXEaiu1Z-0O_PdKvK9RDAQOq7JQnNlcasVj6wLY4GorCGiUPEiDzNSW65NWmGxSFaQfXTajNle_23ZbNtkzeqpeJypwnYCVsx6y8cpaKyO5TMLAOxUZfjJ__vGqQ&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=13293513632237795000&adk=929882888&idt=140&cac=0&dtd=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae0ae6525aa03acf684cc54443f6bb25006f81e2bb9b45c2b06e6b4d05ad24af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40442
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5ACE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNXLA_RXSJldRjqUgGP0z4hXZ6CwbhGVSMUhCSu2xPfWDb3lQyEBaqSpVkVtvsE6Vw_MJ_7iHVWb5pVtzMMWyU0jmHPeeF12g7RF_kpWotq9ddhveRS6gz0v_9a1vrlFiViCX8KtwLM7gmaIm7mDJg3nNtnsbWpcLu2HTPBje9uJ7ny3wN8
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQ2Q5dXd2B1bCRvXJ4wUZTXvueWxUlcg6RhD33sAgjmJQJ3KHIlehfGR8%2BKvum9YUVMWxjYxyfv%2FlmNxCK8l2TIYe85M7PwkNzazCdz4uvLm9XFiHPVSvVCsWL%2FhkuSRzSrHKGSIkUVtWg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e62d19451c-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5ACE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzbSKeWwN67RCUif7OQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNXLA_RXSJldRjqUgGP0z4hXZ6CwbhGVSMUhCSu2xPfWDb3lQyEBaqSpVkVtvsE6Vw_MJ_7iHVWb5pVtzMMWyU0jmHPeeF12g7RF_kpWotq9ddhveRS6gz0v_9a1vrlFiViCX8KtwLM7gmaIm7mDJg3nNtnsbWpcLu2HTPBje9uJ7ny3wN8
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sb64weDjVKad9zHnZkvMyfjyyDfRmLIRA2tA50gfKob6o3x2zvC%2Bew%2BC6oFIz0ceTujVHyt9rfSyqVg0vMAjS%2B%2BcGCjPu0V17FpZ4FCz9FScVif45KzyFm4J6FAbGRTafon4wOHGarkOgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e6ef06451c-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOAndp_XQTBq17hEtuuZCM8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5ACE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKU0nSojlmvpSKGlHeBKN7I&google_cver=1
43 B
1005 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKU0nSojlmvpSKGlHeBKN7I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNXLA_RXSJldRjqUgGP0z4hXZ6CwbhGVSMUhCSu2xPfWDb3lQyEBaqSpVkVtvsE6Vw_MJ_7iHVWb5pVtzMMWyU0jmHPeeF12g7RF_kpWotq9ddhveRS6gz0v_9a1vrlFiViCX8KtwLM7gmaIm7mDJg3nNtnsbWpcLu2HTPBje9uJ7ny3wN8
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
an-x-request-uuid
cb10d3bf-c121-4c13-9fd3-50de9c83bfca
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKU0nSojlmvpSKGlHeBKN7I&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5ACE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYx7n5xgEwAQ&v=APEucNXLA_RXSJldRjqUgGP0z4hXZ6CwbhGVSMUhCSu2xPfWDb3lQyEBaqSpVkVtvsE6Vw_MJ_7iHVWb5pVtzMMWyU0jmHPeeF12g7RF_kpWotq9ddhveRS6gz0v_9a1vrlFiViCX8KtwLM7gmaIm7mDJg3nNtnsbWpcLu2HTPBje9uJ7ny3wN8
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:05 GMT
an-x-request-uuid
3643957a-4510-4a0f-b28d-48ee898a9c75
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F18A 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/ Frame F18A 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1098E40vrGlyQyIE1GHlzkZTKbILy7PdfZQK_vsp-UxaqmTfGdy-6NmyLrSmx2lr6RMP1VYFAgdeTDIp8AbZ7ywhOT2YjJ6PPwZygSx6EcWJU5prG5BI9dKTwFy4FvcBPkfkIrpmMOh1G-ythg858VnOhRazXqACDE6jA0DbPLM8_P30jmAjkH8a0pNEQ2MGWFugm&dbm_d=AKAmf-BOovDSz8lewjxTZbZhmpg_K9r-fvjBxPkE1AzkSKNMqbu7kLOXNPBMXINi2-KkejBsdBanjSD6m9b2cODbuhqjfQNSIFRGWyFtWuKEU9xpS7MMtnCM59jZb4FXk3zHjy140DJ_hM5Go5M9jCfaBRt0QX91AKJBqaW0h97-1CSDJoEU8J5WQmpeUVucPy2aEDas6Q5YSZ5CL42b4EyXyT9nZjFvNckj7Uro4y92CMHxOT26gSrQWEXur2nv9ABGvOTEKg2Y1kZBK9ZDCuo2QAGA1Ie46mEa5tDlyOBkJPUNidwwgCItkA7Q_ZaHWE8b7KTIfphD9_KUgJ5gWQQNE0fFkkG8MjSl2G3iPsmA77_8Y6xWU-a9Rg_wjSpbQsbVtUT9YNoSK8NGax7yv1HhVA-GdapgBNfEsccqnitQD77W4Poh43CeeITKNMqhPYUyCc54zyOMYoKaTGjtffdACr8VR-JCB1ZMg1JEKchCSVoad4oKQYah4mqMCsyzKiCDU_YwWh033bg4Js8jP8gmdrgpEt-LMdlkbacS_cpURHAyMSc2oqMQZSMnJ6XFUo15k488gK2GSUf_hHXFk68ReRVHQd0kdsTf9V2sPSpmDkBSavcSZ4T-7Pg4kjO4fc4OmgFBf-hlYDAlYNqwjeoxzMp_nkpsSD8PAanSkbLFlcKKbfAq-dOTAaFShggmIqEE_Aj8kbHUDRz4lP1XkUDwTgKIlZQyMWLCvR19a2O--K6bEgAZ8qkVJyXRMannrbzCwHU3sbhUlonF8iglAJaTdgJfefbUwq9mbfWyAEDISo8ghfVas2HTlqtA2jep21UEde9v37IkShOQkjNBGrObf4A5DlZAgWSJrOUVwaRb7ABrJqHEfEk2mOpsUvJ0WRLWRxbSWhWHxEazYMwnipuk8mgHd2VtGKA3h_iNzL-fshOvILUVQ2JrxbXCYC2aI38Ee6jnZhtqHYxo-Lw3OVMkQI0Kkc1L3Io0t_UvOXUeXvYja4Tf25ihJrZN99cX_whPPf-6rbtvL31dM5u3VBbtO2Eao-lFZO2Nn_jH9XAQXCIEcddNxHLd-CsFoOPtIp4uEsIwtHpdMb3tZKZ-pJX8wYnv2D1Yk0jsjZccDe50A5BknbGCXEpDlC59xVddpE4On4I862GM4meOFqQxlDboR_iwr4S1GYxR3B07Fbo0htRI564QeHVtTRCX6Fefdf4ATDihfFKDj4wtQAO4stqCUVLqR2SV9a4v22j-oqlUUz2hz1x3YhJ8MtcmjgWfV4NXLda9OGRBi-Mb-gagIJhceChL_VWtnfDO5RRzIwOk7gf56rCwXuNPHQU4WoO5ALnKV9XsxOgXITcMHA9WTJVS-A3jX8TUUGTb51DKfGsRxlsmKCstGsAajsd6cF4anXr4wwrz1XEYYFVOP3LqWZzbhcaNErgR_jgBq2UyoiP1j04rrTTfXnfN5dgDxIBgj8d_FRglJuVeEk5LqeVbLN1clYIqsmeenq0Lqle7NFwUI8sTskcOKs1S85-Q7rWrLwWl3eYddf5Kuv1CwLUEUPcqCb3lz_fWLIaFWOX90iBh3VP-C8UdO2s8I1gAesWXPOGPRkf0S9znCYGiqc-1aYgFN_KLyVxVgzr-pnHcolT93pMr9G7hsWBt_USXzybeg-BUjq66bs6UkqCX3X5BOBTE3cWIcSmn_9YcOQ8L1A-RidNdQzQ9LD-3Ev9i2UW8qW8tB2PbZiT9LYy84J0ReQzoYBPw1KYjzZ9exXAWZYTiiywJ_2lUL2aPl9wLpmqezt0djQ-g-8fQhSunTT4PPSSPDFVT66qOk4mUZVnNvxnXD7-9_x9Fc5q0nyIXgZBwTyOIqMxiuaEwo-8XZX0YHKNDxBANTYuE_6rM02tLZf8p_Lre-9t5TCvpUxajf8F9odQ4VT7DUtuzsViOzyOkrxlrBJ58Aoq2aSzI3MMiojOSOg4te_w_zMuXoK2AQek2sLoaV4_4wtQjsYx5oWXju9bkxsFmOP8qIhrlTvLrVbASMNnJ4Ituw6YqFWVdPV_pfn1WnW2Q9rFWsst7CwXXRRLVPp8QB-oN6v1xKkiINfnNm1Weop2Q6KmEwn8rpi3oMPuYrEvrqSyY6teGv74K9XClq505HipBLahBkPKk0DgsEIXGev9TVhMsLpeXDMawQcPKKNs9gZkdAV3gTki4eUT_hzN9YuOy-9OkzNq68ms9pP7jqBqn0WgMJ2KtJhccKhBSF7nNE3RInOGoAQo3a7RWUxkJNsKZEUdfk6QfIufXszgKFwupMW6qghFkIztlijqrQ2gvfA4SSsP_CCew_A7NnWR2DPmZKQ4wioMOikutPZVEY0FIb2Cdzrl97C7_McQr-hGukI8skBnSvegHhBobojTP3S21OJ-VkG0jxc0VF5ZCJCbTovs260eenpKyUe10ZGDlitYYhvZWW0HoAqzgDvmTHOabvoFk5suXA6bkp9z_I-6jEyiHjBvtwJLIki24dvAjDsthidRUhT5ImufEWaWVw72kyad1SkATeoA3zYy7cwdcWf2PJHxyd11nTvYTTzE4wB6DoUW1IUPetwTgJ7JqrU1D4WUWENcujQHK8qPL6p46yo2YVHVMVj6JSOcIdBlsNnwest50JIHh0-ZK6AcsqjndY3V8ocwsBXZVDuznWhKBHCKrlecV3WsMyW3s9V-JcclBHhXP6oMVyKam3sSCxbWEYuz51djO0Dnix9nRivGFVaUiDJD0IvkdpY4MBTPKOGF6fsA-3AEtdHGgwUTUn77Bbz06c2iEQ8MdbrudUGtAeh7K4sPSwD8zd1RX4YoQ1XHTClcsfNmVfJBOY05osMD715lZOa75OFZ6wSh3Ap_faNKtLA7BtdmWJ_TZSioDgGWa9WT2eY1Ncv5akCB6gTR0ugz6VI9hqKRaX_JihBUVCnofcmX4_l4vjvn94Jdfdzi1b30ApRStlQdKRWjYz28nV7bYODNyZWkbJVd1V88TR5gnHmErShUWo6LB-BZZlEQQokjGWwnFO85gFvZzWlqv2bNva4Pwlq0_5-8fSOJWcagMIpLGcZ4gve_dV-52_-fKQQJ7hHbIpDUngVSCszvl-8KoUYMl4DFeej1FpDDdfuJWLflsdt0hvzVf4cjyyenWD36kb_7uUl0JiJczs3DggerrxnQkYTUh0x5Q7tKTBhBA5oKZBx7TiobaV_tfpGgmBzQiTUC3kqiTc9KS7mKUYr-suw8g_583LwObSoFUogwqVyhqhbPfkjgsQSQ14zleLuxQUDjP1hptlXfkxef-XFz78NoCqPBaAZzgqaLv_wbgDikDshuakMyMt2j7GjJBk1OhprF2FUWsVQ27_yysoNXhHpLt9caP1GlINt3_cpmHlZ5rR75a14pz2cOHID2vT-0Mg4jzAajhySlVeduzJeRcXBz5W-tHt0Xzi6hRvQPWixu-N6Pc3ToDC5KpmDYxNPcmMPdRC3kk3uzDE4PpJUjT2fHX8Gp5oDFM7mNAi2kcZ5d40YgP9Hys7fFrLWdX1pdIZxT2HEcvu16FVZZ1iZSNg0F2duRTxK_dnWY7Jdt2V5YXfWNiu9AN044FW9EkF--ba1HVmxWz0VzXGLCwZMzqdQnPzaEVpF5D604M-x6pRi2U0wSpfDRrtQIAZXyY&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=18129108834150730000&adk=521587873&idt=87&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
46657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 02:12:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame F18A 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B1098E40vrGlyQyIE1GHlzkZTKbILy7PdfZQK_vsp-UxaqmTfGdy-6NmyLrSmx2lr6RMP1VYFAgdeTDIp8AbZ7ywhOT2YjJ6PPwZygSx6EcWJU5prG5BI9dKTwFy4FvcBPkfkIrpmMOh1G-ythg858VnOhRazXqACDE6jA0DbPLM8_P30jmAjkH8a0pNEQ2MGWFugm&dbm_d=AKAmf-BOovDSz8lewjxTZbZhmpg_K9r-fvjBxPkE1AzkSKNMqbu7kLOXNPBMXINi2-KkejBsdBanjSD6m9b2cODbuhqjfQNSIFRGWyFtWuKEU9xpS7MMtnCM59jZb4FXk3zHjy140DJ_hM5Go5M9jCfaBRt0QX91AKJBqaW0h97-1CSDJoEU8J5WQmpeUVucPy2aEDas6Q5YSZ5CL42b4EyXyT9nZjFvNckj7Uro4y92CMHxOT26gSrQWEXur2nv9ABGvOTEKg2Y1kZBK9ZDCuo2QAGA1Ie46mEa5tDlyOBkJPUNidwwgCItkA7Q_ZaHWE8b7KTIfphD9_KUgJ5gWQQNE0fFkkG8MjSl2G3iPsmA77_8Y6xWU-a9Rg_wjSpbQsbVtUT9YNoSK8NGax7yv1HhVA-GdapgBNfEsccqnitQD77W4Poh43CeeITKNMqhPYUyCc54zyOMYoKaTGjtffdACr8VR-JCB1ZMg1JEKchCSVoad4oKQYah4mqMCsyzKiCDU_YwWh033bg4Js8jP8gmdrgpEt-LMdlkbacS_cpURHAyMSc2oqMQZSMnJ6XFUo15k488gK2GSUf_hHXFk68ReRVHQd0kdsTf9V2sPSpmDkBSavcSZ4T-7Pg4kjO4fc4OmgFBf-hlYDAlYNqwjeoxzMp_nkpsSD8PAanSkbLFlcKKbfAq-dOTAaFShggmIqEE_Aj8kbHUDRz4lP1XkUDwTgKIlZQyMWLCvR19a2O--K6bEgAZ8qkVJyXRMannrbzCwHU3sbhUlonF8iglAJaTdgJfefbUwq9mbfWyAEDISo8ghfVas2HTlqtA2jep21UEde9v37IkShOQkjNBGrObf4A5DlZAgWSJrOUVwaRb7ABrJqHEfEk2mOpsUvJ0WRLWRxbSWhWHxEazYMwnipuk8mgHd2VtGKA3h_iNzL-fshOvILUVQ2JrxbXCYC2aI38Ee6jnZhtqHYxo-Lw3OVMkQI0Kkc1L3Io0t_UvOXUeXvYja4Tf25ihJrZN99cX_whPPf-6rbtvL31dM5u3VBbtO2Eao-lFZO2Nn_jH9XAQXCIEcddNxHLd-CsFoOPtIp4uEsIwtHpdMb3tZKZ-pJX8wYnv2D1Yk0jsjZccDe50A5BknbGCXEpDlC59xVddpE4On4I862GM4meOFqQxlDboR_iwr4S1GYxR3B07Fbo0htRI564QeHVtTRCX6Fefdf4ATDihfFKDj4wtQAO4stqCUVLqR2SV9a4v22j-oqlUUz2hz1x3YhJ8MtcmjgWfV4NXLda9OGRBi-Mb-gagIJhceChL_VWtnfDO5RRzIwOk7gf56rCwXuNPHQU4WoO5ALnKV9XsxOgXITcMHA9WTJVS-A3jX8TUUGTb51DKfGsRxlsmKCstGsAajsd6cF4anXr4wwrz1XEYYFVOP3LqWZzbhcaNErgR_jgBq2UyoiP1j04rrTTfXnfN5dgDxIBgj8d_FRglJuVeEk5LqeVbLN1clYIqsmeenq0Lqle7NFwUI8sTskcOKs1S85-Q7rWrLwWl3eYddf5Kuv1CwLUEUPcqCb3lz_fWLIaFWOX90iBh3VP-C8UdO2s8I1gAesWXPOGPRkf0S9znCYGiqc-1aYgFN_KLyVxVgzr-pnHcolT93pMr9G7hsWBt_USXzybeg-BUjq66bs6UkqCX3X5BOBTE3cWIcSmn_9YcOQ8L1A-RidNdQzQ9LD-3Ev9i2UW8qW8tB2PbZiT9LYy84J0ReQzoYBPw1KYjzZ9exXAWZYTiiywJ_2lUL2aPl9wLpmqezt0djQ-g-8fQhSunTT4PPSSPDFVT66qOk4mUZVnNvxnXD7-9_x9Fc5q0nyIXgZBwTyOIqMxiuaEwo-8XZX0YHKNDxBANTYuE_6rM02tLZf8p_Lre-9t5TCvpUxajf8F9odQ4VT7DUtuzsViOzyOkrxlrBJ58Aoq2aSzI3MMiojOSOg4te_w_zMuXoK2AQek2sLoaV4_4wtQjsYx5oWXju9bkxsFmOP8qIhrlTvLrVbASMNnJ4Ituw6YqFWVdPV_pfn1WnW2Q9rFWsst7CwXXRRLVPp8QB-oN6v1xKkiINfnNm1Weop2Q6KmEwn8rpi3oMPuYrEvrqSyY6teGv74K9XClq505HipBLahBkPKk0DgsEIXGev9TVhMsLpeXDMawQcPKKNs9gZkdAV3gTki4eUT_hzN9YuOy-9OkzNq68ms9pP7jqBqn0WgMJ2KtJhccKhBSF7nNE3RInOGoAQo3a7RWUxkJNsKZEUdfk6QfIufXszgKFwupMW6qghFkIztlijqrQ2gvfA4SSsP_CCew_A7NnWR2DPmZKQ4wioMOikutPZVEY0FIb2Cdzrl97C7_McQr-hGukI8skBnSvegHhBobojTP3S21OJ-VkG0jxc0VF5ZCJCbTovs260eenpKyUe10ZGDlitYYhvZWW0HoAqzgDvmTHOabvoFk5suXA6bkp9z_I-6jEyiHjBvtwJLIki24dvAjDsthidRUhT5ImufEWaWVw72kyad1SkATeoA3zYy7cwdcWf2PJHxyd11nTvYTTzE4wB6DoUW1IUPetwTgJ7JqrU1D4WUWENcujQHK8qPL6p46yo2YVHVMVj6JSOcIdBlsNnwest50JIHh0-ZK6AcsqjndY3V8ocwsBXZVDuznWhKBHCKrlecV3WsMyW3s9V-JcclBHhXP6oMVyKam3sSCxbWEYuz51djO0Dnix9nRivGFVaUiDJD0IvkdpY4MBTPKOGF6fsA-3AEtdHGgwUTUn77Bbz06c2iEQ8MdbrudUGtAeh7K4sPSwD8zd1RX4YoQ1XHTClcsfNmVfJBOY05osMD715lZOa75OFZ6wSh3Ap_faNKtLA7BtdmWJ_TZSioDgGWa9WT2eY1Ncv5akCB6gTR0ugz6VI9hqKRaX_JihBUVCnofcmX4_l4vjvn94Jdfdzi1b30ApRStlQdKRWjYz28nV7bYODNyZWkbJVd1V88TR5gnHmErShUWo6LB-BZZlEQQokjGWwnFO85gFvZzWlqv2bNva4Pwlq0_5-8fSOJWcagMIpLGcZ4gve_dV-52_-fKQQJ7hHbIpDUngVSCszvl-8KoUYMl4DFeej1FpDDdfuJWLflsdt0hvzVf4cjyyenWD36kb_7uUl0JiJczs3DggerrxnQkYTUh0x5Q7tKTBhBA5oKZBx7TiobaV_tfpGgmBzQiTUC3kqiTc9KS7mKUYr-suw8g_583LwObSoFUogwqVyhqhbPfkjgsQSQ14zleLuxQUDjP1hptlXfkxef-XFz78NoCqPBaAZzgqaLv_wbgDikDshuakMyMt2j7GjJBk1OhprF2FUWsVQ27_yysoNXhHpLt9caP1GlINt3_cpmHlZ5rR75a14pz2cOHID2vT-0Mg4jzAajhySlVeduzJeRcXBz5W-tHt0Xzi6hRvQPWixu-N6Pc3ToDC5KpmDYxNPcmMPdRC3kk3uzDE4PpJUjT2fHX8Gp5oDFM7mNAi2kcZ5d40YgP9Hys7fFrLWdX1pdIZxT2HEcvu16FVZZ1iZSNg0F2duRTxK_dnWY7Jdt2V5YXfWNiu9AN044FW9EkF--ba1HVmxWz0VzXGLCwZMzqdQnPzaEVpF5D604M-x6pRi2U0wSpfDRrtQIAZXyY&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=18129108834150730000&adk=521587873&idt=87&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:08:01 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F18A 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
45712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 4145 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/ Frame 4145 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D14lq6yh-pE0d1a9YjQUSTGnk2RSmZmx2GsM_JR8PUTQSG--YJpA7FK5pSdaj518PjDFoSqF9kn1hJHszULGZwO3Odw9v75XKn9U5wxrpp6ubNd2bOf40A1Il5A0x-8aAQyknXxxX3KnwdcA5XoO2MTnhao9CtdpGSbBxa6W5gFPhZuCKoUHy3kNds7HLIxwzuIviT&dbm_d=AKAmf-AzpfG5LDgSaRXl2UPMJJD43u51MyWwr_T8UWOwuEjSy_WJYnUk5cTTMa5tDDY0b3HIqgBbJB44PeE_LBe24IpYLMkxH4iSZsVsnOIVZmaIzlzMugSWvOLgKg0QdxdCoalJUCxi1pxkHWXdkW0w_mIiTznp14CyKhNJylPkKmTR3Gsc7VZ3Weu1Ik13Sk9LD26mK-FpdmZR7l8VADqVuO0-AiCXIA5WRDovHoPuwR-PRVbaJrH8AlVSHe53OxD1fYGDcShaxE2cv8RUevNK1c9cWMcacGiV0Wpfv8uJIqHm1tiBIVV4STSptcOxiauLz1fSvBQP8s5gr63BX6Y1lEIU0TXcm46euh9uvLv9bGgkyWP2g1T1g6Lv6DTKCwYckesmkOD_aZLk1mdxzGuF8mLNs-1-f1jBpfBbv4g_FItKecGl7JMc4I55TJzqjvL7FehsTdTOX1oYgjg_FQwOFRz-p8YpBYyi5lHuBMl04obNGUKUOEAENwduhPQRMRt2xRP3IkwXFYSz4mQVzBGUA25VNj9jDptsqSAuB9-j86VodVsl69pZuTWvW5xSURtjaG5CHCqaxZvJzDrH-5hDEeQsxcDSmenMyJhrOHatmVrpbgIJQqKP0-QXUtnXTK-9T0shdGOszPGUJB-ycK3KwFWWrumWoMRZMYKUMkPUyzOVlCAl2CCHkmPi0Lt3LynYEsZPhbJG6Mj90t9ajx2Wbmd1nA1oOppgTpNTDs4Gw2ySmm28o_3zqIB5nGoxiXVRqplip-UjqT98PdFTCLm9IQv4vyDGdCihYY2kEft6aK0RKxNMfU34jkoLWUbAnK9FfVl5jYrFPRPJtEVhTeJ9nYI1FmYuAYJMOu8kfJUcYB9Gcs0dTKoNJd0rjTRLCOGj7WvOppAxuOb_PAvHixwfZw0Xh51NjYRXrBv2ZObvvwHEAKgLjV5vquDyOaPNlyeqRNyhOB62WpEwXzqfijoBOD8mrE38AmRrk0RcLDvSRsWqV8ynSXLJXfVvWh47i-Q7Y4Sq1GUvYmYsxkne-RQNNGl0BhfvLG9FJWcIhhT-WnAUUrjFDU_xaky6ESQv-a5DaXgBsnECyVM-u6P58AMBIDZ88q3m5LkHvm81hUurokUSGED-CcjnwqBPIXOFzz6dasGS5dtwKeGld9zG-3p3xv79c67XPT_AKkNJgGxElLguM-WwweAx1VTa2k3xcpD2C9nG47ieWpNrRaeCwJhjUZivIGZJV-TSEk5AjTMooegUjz4GBdbXruMvwdcPdEKoyyg2wHeSBmAtOjYRx0WB_Ap7Y8QOedKgZ1f3fFryTfAZ47EVSpbMCxkna3uVMkQq-qxtZiLl4AD0buwZB0cAxtgeN3ZUwFFZya0a5Tsby3CTeDy6Ho4SDN4pEDaKjp0yVBtIBs8v5KCm_AR2hv28hGrG48oaZdOLQwRk_p_WDgmLqPK2Rsbdq16QIvJdqfFkliY0tW69hTw7ZNw7LhPp3QpUKXxt4qlLy621IrfiMaAlvH8bzU3TXPtD_TMKIfNQmTTEf1cctSuqk03P9rFBVTEeC8Xf69p0bWIozRI_MDZ_SZx6P38-NYh9ujtnK5d3RHM7g_w07E9DjyrhhoXHHGscVnVpAh9WL2VXsk7K6O6nxe4dDnHIyEDB-B-LiPn5rVvCPKQJmj0YMUYBGFswHYNsiW8Tx2tJ-v4TJhv52ycKkq1zTLy_q0m_7eaW2M6bduK0GfnGo-0y1x-q9nYNEF89o50LxKMdtYFcA0OE6VeHd0kSrTO3IdtfK0vIiy57nMo0utIaEYnP5pvAk50-d4l0qFw3ahFnrHz0nQOCS6L_n6tIJOAh93cddiSGjzFaE7nBg5D-qGUc6xF31QEJcvjfG_L6LzzMfukKmMmfeR4fDJWgqa4-TLW4UIuPivrVLu1Ft4wOQpa1M3M2lP4UqO7esnJvWk7J6Q1n8z1R9fTAUIvCibhFJCYpMtLUNMYRuXre1GmoH_grbYXoSoVNUf4bkIklh8Hy6YAJptXY6Pu1YLpPTtrOnzezGNuaLP-ixq7bG-sGLXb5BOlNuP3TSRg4Epobq5-Fi7bh2_IY-EdvYcPQtkeYrgjLfzvgcP4LLno6NSz4CsJlPa0Mh6lpu999vnsIHsYxDTETQTdzLVHr7TtHsIWFVu_WUgddxd2RNdhBQUQumRBBViz2z9G7NJvz_TC4_ALrelMg7ZIM-nQAf8SwvFbzl3uuXJzxxdz5QMHTKDpWQZUcK9RMaCJvVEBuEd8QRPgr_16Po7DvMU81xKtILf9DkgBHVpSVtDfOtpBfxOebn4zdOmmhjq0ok7q_HD48Vpsd4oBGCSZLUL6kOJp6niclrFogTPy3oDFGYXy-OGdF4NHsT62J8sMb66EOf505zNm0SStUu_cHWEcxxP45i-msuhfvrgPl5bvupMSKxEWkGWtX812jiMymgI8_J646DDpTgHRKUR04KmfIPchlAFD2Z6rqn2Zdy0JOzWdaze3yDX24n5u_Heg9uvNM61uReK5uhLPufUFRporAl-ytimERwQmIFsBoN206eOXNmYkgs91mqmTW3wagDdEjv6KH3TbSmWFSA73XJTnTFbnvj6_MwxshJUWHOfQWYqnzBsoxoYYMUoec91WvuYl-tdxiCxJpcifFtOryolsALj3tlxBWQRqDOSUyQ6tFF2vSM1fOTA4wAROCTPGGLkTVz_W01obFYVOLwhMaDZlLLb_RNGtFz13_9qlnqpAWomAHVq0J568UUYeHi4vcV1DYq-uI4-vls4VzLap5zDItJSMECGnKyfNAJh4N4DCwQi-Sp-S2X51zxdikgy7BOghlnhB74fGVWKbyjHsNy0Fk9EM5F9H512rQCHbDdUR0EB1w6J1zoS-rz3eFxLalVgw4FrnLbW7Kw4OjD_gZkLUfN3TSAWqbi-UMn1a8qf4VfSN6I0RoVG4yxeFQngRW_9GH96wHNWZHnYdj3VelGL4dInYJbXwU2hjoPoHAAtjXf3F2-Nfz9nFd30SakTmj5WOFelDWe8tJFXenNUscD6-EjogEsaJ3eSnpRjTMUy0r4wN-IaDItYYkT0MX8yPc9MxlFT7jDCoZKn3XWuC-d0jR9IcT5o_P5aW53gQmq7Z1EGKPe8trpS8PoIcueY37vHxnWwRibGmkjuP-dZ-OT-kW_ToFPb4fglF9yBojf6t5tE2Fe0xuCqalnc30Iq3Px8OChmv3l7Z2YTyC5Db4VmRiZl87WG9DG6FDlUfOo4K2SiaIio4hwIE0j5Ed4SMQEAdFPT__OtjqewLhRUr7D324dAIxQ-gfg80qnkZzmMnFHOC4CgBfBnt9QUJrwjyucKC4YqwhVFLc-VflIxAGg7yfuk4J6mq-SIJY7aeygtq7jD5cLYqw0Vz_Ni5aO2dPLDyEZMrdzfNR9ytExMaHDFevVk4NDLuX6aA2jR2VgDYbwvMIFbf9UesMzjyZUtbwImlPED3AbePr-le1s_c1ZWNLDf_EYnpfju_vlTuamruhxN9yxGkyTa5vuFGE1tC_DHpr9dova1JgKcGNEfW1TXcRcLk3jgadKJX_7JJs61AuIg5cLmzYcXMiXMhl_SyBKl2cj44QC-HaBYxZ7_Fa1AO5mXUnUdE&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=72415186287961570&adk=1877897942&idt=119&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
46657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 02:12:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame 4145 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D14lq6yh-pE0d1a9YjQUSTGnk2RSmZmx2GsM_JR8PUTQSG--YJpA7FK5pSdaj518PjDFoSqF9kn1hJHszULGZwO3Odw9v75XKn9U5wxrpp6ubNd2bOf40A1Il5A0x-8aAQyknXxxX3KnwdcA5XoO2MTnhao9CtdpGSbBxa6W5gFPhZuCKoUHy3kNds7HLIxwzuIviT&dbm_d=AKAmf-AzpfG5LDgSaRXl2UPMJJD43u51MyWwr_T8UWOwuEjSy_WJYnUk5cTTMa5tDDY0b3HIqgBbJB44PeE_LBe24IpYLMkxH4iSZsVsnOIVZmaIzlzMugSWvOLgKg0QdxdCoalJUCxi1pxkHWXdkW0w_mIiTznp14CyKhNJylPkKmTR3Gsc7VZ3Weu1Ik13Sk9LD26mK-FpdmZR7l8VADqVuO0-AiCXIA5WRDovHoPuwR-PRVbaJrH8AlVSHe53OxD1fYGDcShaxE2cv8RUevNK1c9cWMcacGiV0Wpfv8uJIqHm1tiBIVV4STSptcOxiauLz1fSvBQP8s5gr63BX6Y1lEIU0TXcm46euh9uvLv9bGgkyWP2g1T1g6Lv6DTKCwYckesmkOD_aZLk1mdxzGuF8mLNs-1-f1jBpfBbv4g_FItKecGl7JMc4I55TJzqjvL7FehsTdTOX1oYgjg_FQwOFRz-p8YpBYyi5lHuBMl04obNGUKUOEAENwduhPQRMRt2xRP3IkwXFYSz4mQVzBGUA25VNj9jDptsqSAuB9-j86VodVsl69pZuTWvW5xSURtjaG5CHCqaxZvJzDrH-5hDEeQsxcDSmenMyJhrOHatmVrpbgIJQqKP0-QXUtnXTK-9T0shdGOszPGUJB-ycK3KwFWWrumWoMRZMYKUMkPUyzOVlCAl2CCHkmPi0Lt3LynYEsZPhbJG6Mj90t9ajx2Wbmd1nA1oOppgTpNTDs4Gw2ySmm28o_3zqIB5nGoxiXVRqplip-UjqT98PdFTCLm9IQv4vyDGdCihYY2kEft6aK0RKxNMfU34jkoLWUbAnK9FfVl5jYrFPRPJtEVhTeJ9nYI1FmYuAYJMOu8kfJUcYB9Gcs0dTKoNJd0rjTRLCOGj7WvOppAxuOb_PAvHixwfZw0Xh51NjYRXrBv2ZObvvwHEAKgLjV5vquDyOaPNlyeqRNyhOB62WpEwXzqfijoBOD8mrE38AmRrk0RcLDvSRsWqV8ynSXLJXfVvWh47i-Q7Y4Sq1GUvYmYsxkne-RQNNGl0BhfvLG9FJWcIhhT-WnAUUrjFDU_xaky6ESQv-a5DaXgBsnECyVM-u6P58AMBIDZ88q3m5LkHvm81hUurokUSGED-CcjnwqBPIXOFzz6dasGS5dtwKeGld9zG-3p3xv79c67XPT_AKkNJgGxElLguM-WwweAx1VTa2k3xcpD2C9nG47ieWpNrRaeCwJhjUZivIGZJV-TSEk5AjTMooegUjz4GBdbXruMvwdcPdEKoyyg2wHeSBmAtOjYRx0WB_Ap7Y8QOedKgZ1f3fFryTfAZ47EVSpbMCxkna3uVMkQq-qxtZiLl4AD0buwZB0cAxtgeN3ZUwFFZya0a5Tsby3CTeDy6Ho4SDN4pEDaKjp0yVBtIBs8v5KCm_AR2hv28hGrG48oaZdOLQwRk_p_WDgmLqPK2Rsbdq16QIvJdqfFkliY0tW69hTw7ZNw7LhPp3QpUKXxt4qlLy621IrfiMaAlvH8bzU3TXPtD_TMKIfNQmTTEf1cctSuqk03P9rFBVTEeC8Xf69p0bWIozRI_MDZ_SZx6P38-NYh9ujtnK5d3RHM7g_w07E9DjyrhhoXHHGscVnVpAh9WL2VXsk7K6O6nxe4dDnHIyEDB-B-LiPn5rVvCPKQJmj0YMUYBGFswHYNsiW8Tx2tJ-v4TJhv52ycKkq1zTLy_q0m_7eaW2M6bduK0GfnGo-0y1x-q9nYNEF89o50LxKMdtYFcA0OE6VeHd0kSrTO3IdtfK0vIiy57nMo0utIaEYnP5pvAk50-d4l0qFw3ahFnrHz0nQOCS6L_n6tIJOAh93cddiSGjzFaE7nBg5D-qGUc6xF31QEJcvjfG_L6LzzMfukKmMmfeR4fDJWgqa4-TLW4UIuPivrVLu1Ft4wOQpa1M3M2lP4UqO7esnJvWk7J6Q1n8z1R9fTAUIvCibhFJCYpMtLUNMYRuXre1GmoH_grbYXoSoVNUf4bkIklh8Hy6YAJptXY6Pu1YLpPTtrOnzezGNuaLP-ixq7bG-sGLXb5BOlNuP3TSRg4Epobq5-Fi7bh2_IY-EdvYcPQtkeYrgjLfzvgcP4LLno6NSz4CsJlPa0Mh6lpu999vnsIHsYxDTETQTdzLVHr7TtHsIWFVu_WUgddxd2RNdhBQUQumRBBViz2z9G7NJvz_TC4_ALrelMg7ZIM-nQAf8SwvFbzl3uuXJzxxdz5QMHTKDpWQZUcK9RMaCJvVEBuEd8QRPgr_16Po7DvMU81xKtILf9DkgBHVpSVtDfOtpBfxOebn4zdOmmhjq0ok7q_HD48Vpsd4oBGCSZLUL6kOJp6niclrFogTPy3oDFGYXy-OGdF4NHsT62J8sMb66EOf505zNm0SStUu_cHWEcxxP45i-msuhfvrgPl5bvupMSKxEWkGWtX812jiMymgI8_J646DDpTgHRKUR04KmfIPchlAFD2Z6rqn2Zdy0JOzWdaze3yDX24n5u_Heg9uvNM61uReK5uhLPufUFRporAl-ytimERwQmIFsBoN206eOXNmYkgs91mqmTW3wagDdEjv6KH3TbSmWFSA73XJTnTFbnvj6_MwxshJUWHOfQWYqnzBsoxoYYMUoec91WvuYl-tdxiCxJpcifFtOryolsALj3tlxBWQRqDOSUyQ6tFF2vSM1fOTA4wAROCTPGGLkTVz_W01obFYVOLwhMaDZlLLb_RNGtFz13_9qlnqpAWomAHVq0J568UUYeHi4vcV1DYq-uI4-vls4VzLap5zDItJSMECGnKyfNAJh4N4DCwQi-Sp-S2X51zxdikgy7BOghlnhB74fGVWKbyjHsNy0Fk9EM5F9H512rQCHbDdUR0EB1w6J1zoS-rz3eFxLalVgw4FrnLbW7Kw4OjD_gZkLUfN3TSAWqbi-UMn1a8qf4VfSN6I0RoVG4yxeFQngRW_9GH96wHNWZHnYdj3VelGL4dInYJbXwU2hjoPoHAAtjXf3F2-Nfz9nFd30SakTmj5WOFelDWe8tJFXenNUscD6-EjogEsaJ3eSnpRjTMUy0r4wN-IaDItYYkT0MX8yPc9MxlFT7jDCoZKn3XWuC-d0jR9IcT5o_P5aW53gQmq7Z1EGKPe8trpS8PoIcueY37vHxnWwRibGmkjuP-dZ-OT-kW_ToFPb4fglF9yBojf6t5tE2Fe0xuCqalnc30Iq3Px8OChmv3l7Z2YTyC5Db4VmRiZl87WG9DG6FDlUfOo4K2SiaIio4hwIE0j5Ed4SMQEAdFPT__OtjqewLhRUr7D324dAIxQ-gfg80qnkZzmMnFHOC4CgBfBnt9QUJrwjyucKC4YqwhVFLc-VflIxAGg7yfuk4J6mq-SIJY7aeygtq7jD5cLYqw0Vz_Ni5aO2dPLDyEZMrdzfNR9ytExMaHDFevVk4NDLuX6aA2jR2VgDYbwvMIFbf9UesMzjyZUtbwImlPED3AbePr-le1s_c1ZWNLDf_EYnpfju_vlTuamruhxN9yxGkyTa5vuFGE1tC_DHpr9dova1JgKcGNEfW1TXcRcLk3jgadKJX_7JJs61AuIg5cLmzYcXMiXMhl_SyBKl2cj44QC-HaBYxZ7_Fa1AO5mXUnUdE&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=72415186287961570&adk=1877897942&idt=119&cac=0&dtd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:08:01 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 4145 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
45712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
pagead2.googlesyndication.com/bg/ Frame 0383 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
86477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19599
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 15:08:48 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame C597 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2174
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame C551 		172 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 23:49:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61485
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:43:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 23:49:04 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/ Frame C551 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxVTwUddf_h6CCgk5Vr_Fk_ox8Igoyl14Z2QhRQSbvjmFQ6Kx4zJc663Zx84PCr_Wpy8P09uN_aQDlkD87AmhI2Dlg16b1czXpxquAowyE2WHmLOtbHZ7w9KZ1qQVEBlC2wc00Gtt3EcmZ03oN1ALKCOjVLCIf-KjbcQG-QdknOg_1T4mGymeGLsGe5Aq9Kgwztu9g&dbm_d=AKAmf-D20kE5Adl0IyoIHVG99vR9QoCBK03nZ6j8OyyJwDB0aVW4MWPaWXRauBLWr_ZnkKvrLRE7dVCWPuhqsyfgwliMJnv0WrturqAPIl5P964P3xnPE7HR3N0KzENqDgCPZE0nEcg5-6lRvZfxAJVoTvJUB8XNA-JaUU1o4m2xE11JHp0dTU_HDTen3vLB-y0xX7OqCAla4Lcw-vd-pfniYL5TMM8hn2g4Az_Rnl01Zrp0Ihm5KysDKrkfd1iD4ncLbP6TC67OTLRXyMwi3VpmsNwaz4OA-TCwoz3se44HUJe_HF7htszORNSRERVPxdyzBysqMXheV27gotd2iF4Wit-6hE9WtCTBGMle2bJETAuqE-WPS-Csv8wk6Oq2MohsQY4wvnfsTlTpitAB6LVwdyrx3aenjZtRYYUfITKtk6hphhTkVn4fqyFKALXZit9XjMIbpG90W3OFMLMCrLBwyNa8enteI_k7sMKAZLshpprzixp9wP8qsKVMfLJIZjZw6Xi7UBPOhwnn8mp9UFvsIqdTYVubY5bt7Rl2i3ZP4mwHteZYZC7ofezcfMLSTTNwLz_bJxmmN_9lgICziSaLpAYodp4WTcs4rbmj7VMBxyfbQEiPsMTB9gtfoXHwvJVieeaxFhcIgyko-wvpznkUORH4j-LzjZFpquIT7yo84o8tjW-1Tx-U0yzouaegPF3RqD68aLeaoAMF94ujLHjgCTH4K0-HcGpr7Edki5VhNp8xM0py_tY2MMo3QbutJIDG-G7jqxTUKwDlPkRYA-jCVrVjUdaguUrvQ1AafV-lq-Kh28OVC0zEAYltfoiHkR-mmvQICFklfQbfzFAs6SxHkdpp6X600lchTSF7Me6ppysQLr1Ez0DDYIfD-9OKxdPOYkNgZKUK3ALlYLZvqaUckU3T7a59yiMUFif6JVCN-7RbVfN1W5pU1cqQZK9RPHGbkqubYeKCYpL_o9vp-AyH2ccLSnFe_pxEjj_Uq5CBwJfnNAwLeAVP7SP7_GXkXywu4DcquuuhgMJvZShq6yAteX6k9ti4d4u_x582AzBAizTzMa52D6_8hKe0jw1l4HSreA9qNJ8xAVDOKAUH0jRJ_C4NGyuzrrnKKLIy4z2S_fimmv7fREtPcdfnfvJiRVNpqXutVxiwlQRld0tOXqzprbvKaE9Efp-UEMusbKk0B9ibXjlKt9fgO7rhLTErwAbiJJgmVdCwM2jMtQ150fo1-WnnI-27D8n0TKNpjpg45PsnwQo6fQIsdAVXCk2Loxm96iYag3mqD9oN0SWKFX7s2Rv-TEJZve7QX5XgMUwQSUOk5gRc_szNXCJtc6mwcKumyBC7ANlTDFi5LpNzZVt7YVOC0-faOlU8_EaMt4vVc8CBhHOXLi2yVBqxOY64H0Hucf66oq-4OyI50cusFpuawcCSt2h_DdsheXtHXHyQsYuWEnrNun0F-sRYy1ZiY2uPDFc6ahKQmlL1bQ7Pc67FpgrUI6W7mLpFgaflH23w_3jcKUnhgmGOncrb4lmYIKwZktG3gFK-Cul4sjVG-1F9V3hvsV_SgD8jsfA61Ly3yYsBA2OtFZMUUfxkQk348X0EjVejAcuibFkTOXptwXilhwVO78wHL_lD4P1bAOCE4NnDdFp0RFDqvM1YmNEVwsy9F6Q_91-PSnp7d0KldUgra106hJcTI9td8ERUiz9Lw7QPckLL_bJaRVpSAxV7Ls9usYkpwkE0Vvj3S6ZxN1uRSbm5T9ajvBc9TOQUQzkun6sZ_T0huQH6T6JZyPiTU9xvV4Tw5U0lcXFdA2JWth9caUB_azNgtB2LEBHyEOho0YuQstKZtfiGeKqt8eT-ACGU296kf1YjTVptJ1HDWEmJ7MqTJOsqwFJl0NK76lsLILY_9Q8G-zSEPZfjrq8ipQd-SuI89lRK7MjilozySnFIOb5sdOFx5jClfr5-mJxmLHwNjYVGq9heca4aQ3-7lPbmLtpGdgcAIJkY7MnUITHjKMMo0qeRnOqZ4nufRJ9gHKSKFls0tu6QjGfsMNrEMt2KB9QBHuQWyY_J1jxnKi0Ki6RAVmemy47MgL3vFGo4hoZcTo3-_8mD3nxAMsu_o3z71NC2__-POEOCvRpqUfVjFCiGblIBbK2sh7a44a2_rsuKw7muGW7fO0LPK4ZBN8E-rrhGJcmaJSeiugsrLA_aaBmmT3IA_jS9ElT6tz1EBggBCWrJtLMcixhxSxHmn9c2XG9p1D9Yehxx28PRfToIiovHOVx1dskAmxj_9ENK0-VO1iwX70INvoqk4Cb89vASDph2f--2iFqepWPQiUlrjjFzwsTddmg-Mm9enGOH0-8BMA1homKXmgXhyE0v8PRUTNmew-7QGvgayoTTH6NCXQuLUC7-jQCXjxaUxPeNPv3yLJZgP0X7oXgx35-HFhzAjfiKJRrvumA_tbj9yaOe2yMb8rQog7p6Y0rbaHv-hXHCKvNLqElnFZt9UM1dZU5EewhmQPWJZVtFRucC-CRoc6kRLP2g_ve_YZfnmfhUq8vlLSavPHlGH43yLoNyBRMfmpoM8Rl0BIAoJ7bdMCxbAdA9k9UA0ChcctndS7UXcFaJXxUE5sk5OpiyDIPPZVcFsQGX-L7sojZYTes6VhCklXqhaUZRJOP1ifZPUxiMRlYIF6csMQSE1qafl03GWjp_L9gmoifMh8Zf0aoULd9aMi558k0sczUkiC1X02AC-2pXJuBeyZWGmlzD1KI8uCFdywEjPv82ZycbzkUkA1k8YwROE7iMRT3aAUGfwnoohM4BIVrtnHLrH1Mmwgqg_xsugCfkyBta8xvVRZynSXKp4DkPcMO1WrE_yqlNIjOWmehuNpfeVhNyYrYq7vP7sGwv5tNdVKdolNRorVdwXmo-tUAb49UrBzl3EGLNirEFiocnP285EW9GO6ak0ntez8awx8Gu_DasWLLQCZij0mV4cLmjE5UfEofvixtvcnSbiQl6-aBteeax2uJkKlawQUlj0eFUyBq64HnPTnpNyXOo9Rxbnd9KOAoV1SRhkSfaadg1Nq0puPJ279b4LtWHNaV9eSsRqAlE4QA-NyfDz7ooL-Koc-BRbgKBN5DpcBBu5jYYLtK4uL5xgOMCFQgg2cekuL7lW5XPE-RRK2f3qWlpSSKzTBemX3XDZsW1RrrpzW4jDCg64CcGBcjN2XbIwQ1L2d8tsGowAcTRLMJ8iYrTypPR-a25O5iDEKiGvykNSW1ewzLmmBv5u1AUOT9rI4qs7S5akhm1aXS5YiGkp87T7cAE7vjicoc1wXqhPClOLgXU8jLk6KR8-dSiHAEEaUSXYZHgDMPcfbtBRJfLnlYYRfthbgiLYj4uew_QDK1YTxKOu-0ap686e-K96uFXhbYAnAP97KATp1ygKHCr_AJ-vGOn9Qy82BdcFOjmwgVHPcHc0R33su1xQVa3JUk-IYjSZTV8C4vwNoyyPNLBxu9RYM30jHNHOcF8Idi0IeZxix5y8h0oIWDeQS5eG_2Lb06_gwi-TbgsmMhVrXEaiu1Z-0O_PdKvK9RDAQOq7JQnNlcasVj6wLY4GorCGiUPEiDzNSW65NWmGxSFaQfXTajNle_23ZbNtkzeqpeJypwnYCVsx6y8cpaKyO5TMLAOxUZfjJ__vGqQ&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=13293513632237795000&adk=929882888&idt=140&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
46657
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 02:12:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame C551 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxVTwUddf_h6CCgk5Vr_Fk_ox8Igoyl14Z2QhRQSbvjmFQ6Kx4zJc663Zx84PCr_Wpy8P09uN_aQDlkD87AmhI2Dlg16b1czXpxquAowyE2WHmLOtbHZ7w9KZ1qQVEBlC2wc00Gtt3EcmZ03oN1ALKCOjVLCIf-KjbcQG-QdknOg_1T4mGymeGLsGe5Aq9Kgwztu9g&dbm_d=AKAmf-D20kE5Adl0IyoIHVG99vR9QoCBK03nZ6j8OyyJwDB0aVW4MWPaWXRauBLWr_ZnkKvrLRE7dVCWPuhqsyfgwliMJnv0WrturqAPIl5P964P3xnPE7HR3N0KzENqDgCPZE0nEcg5-6lRvZfxAJVoTvJUB8XNA-JaUU1o4m2xE11JHp0dTU_HDTen3vLB-y0xX7OqCAla4Lcw-vd-pfniYL5TMM8hn2g4Az_Rnl01Zrp0Ihm5KysDKrkfd1iD4ncLbP6TC67OTLRXyMwi3VpmsNwaz4OA-TCwoz3se44HUJe_HF7htszORNSRERVPxdyzBysqMXheV27gotd2iF4Wit-6hE9WtCTBGMle2bJETAuqE-WPS-Csv8wk6Oq2MohsQY4wvnfsTlTpitAB6LVwdyrx3aenjZtRYYUfITKtk6hphhTkVn4fqyFKALXZit9XjMIbpG90W3OFMLMCrLBwyNa8enteI_k7sMKAZLshpprzixp9wP8qsKVMfLJIZjZw6Xi7UBPOhwnn8mp9UFvsIqdTYVubY5bt7Rl2i3ZP4mwHteZYZC7ofezcfMLSTTNwLz_bJxmmN_9lgICziSaLpAYodp4WTcs4rbmj7VMBxyfbQEiPsMTB9gtfoXHwvJVieeaxFhcIgyko-wvpznkUORH4j-LzjZFpquIT7yo84o8tjW-1Tx-U0yzouaegPF3RqD68aLeaoAMF94ujLHjgCTH4K0-HcGpr7Edki5VhNp8xM0py_tY2MMo3QbutJIDG-G7jqxTUKwDlPkRYA-jCVrVjUdaguUrvQ1AafV-lq-Kh28OVC0zEAYltfoiHkR-mmvQICFklfQbfzFAs6SxHkdpp6X600lchTSF7Me6ppysQLr1Ez0DDYIfD-9OKxdPOYkNgZKUK3ALlYLZvqaUckU3T7a59yiMUFif6JVCN-7RbVfN1W5pU1cqQZK9RPHGbkqubYeKCYpL_o9vp-AyH2ccLSnFe_pxEjj_Uq5CBwJfnNAwLeAVP7SP7_GXkXywu4DcquuuhgMJvZShq6yAteX6k9ti4d4u_x582AzBAizTzMa52D6_8hKe0jw1l4HSreA9qNJ8xAVDOKAUH0jRJ_C4NGyuzrrnKKLIy4z2S_fimmv7fREtPcdfnfvJiRVNpqXutVxiwlQRld0tOXqzprbvKaE9Efp-UEMusbKk0B9ibXjlKt9fgO7rhLTErwAbiJJgmVdCwM2jMtQ150fo1-WnnI-27D8n0TKNpjpg45PsnwQo6fQIsdAVXCk2Loxm96iYag3mqD9oN0SWKFX7s2Rv-TEJZve7QX5XgMUwQSUOk5gRc_szNXCJtc6mwcKumyBC7ANlTDFi5LpNzZVt7YVOC0-faOlU8_EaMt4vVc8CBhHOXLi2yVBqxOY64H0Hucf66oq-4OyI50cusFpuawcCSt2h_DdsheXtHXHyQsYuWEnrNun0F-sRYy1ZiY2uPDFc6ahKQmlL1bQ7Pc67FpgrUI6W7mLpFgaflH23w_3jcKUnhgmGOncrb4lmYIKwZktG3gFK-Cul4sjVG-1F9V3hvsV_SgD8jsfA61Ly3yYsBA2OtFZMUUfxkQk348X0EjVejAcuibFkTOXptwXilhwVO78wHL_lD4P1bAOCE4NnDdFp0RFDqvM1YmNEVwsy9F6Q_91-PSnp7d0KldUgra106hJcTI9td8ERUiz9Lw7QPckLL_bJaRVpSAxV7Ls9usYkpwkE0Vvj3S6ZxN1uRSbm5T9ajvBc9TOQUQzkun6sZ_T0huQH6T6JZyPiTU9xvV4Tw5U0lcXFdA2JWth9caUB_azNgtB2LEBHyEOho0YuQstKZtfiGeKqt8eT-ACGU296kf1YjTVptJ1HDWEmJ7MqTJOsqwFJl0NK76lsLILY_9Q8G-zSEPZfjrq8ipQd-SuI89lRK7MjilozySnFIOb5sdOFx5jClfr5-mJxmLHwNjYVGq9heca4aQ3-7lPbmLtpGdgcAIJkY7MnUITHjKMMo0qeRnOqZ4nufRJ9gHKSKFls0tu6QjGfsMNrEMt2KB9QBHuQWyY_J1jxnKi0Ki6RAVmemy47MgL3vFGo4hoZcTo3-_8mD3nxAMsu_o3z71NC2__-POEOCvRpqUfVjFCiGblIBbK2sh7a44a2_rsuKw7muGW7fO0LPK4ZBN8E-rrhGJcmaJSeiugsrLA_aaBmmT3IA_jS9ElT6tz1EBggBCWrJtLMcixhxSxHmn9c2XG9p1D9Yehxx28PRfToIiovHOVx1dskAmxj_9ENK0-VO1iwX70INvoqk4Cb89vASDph2f--2iFqepWPQiUlrjjFzwsTddmg-Mm9enGOH0-8BMA1homKXmgXhyE0v8PRUTNmew-7QGvgayoTTH6NCXQuLUC7-jQCXjxaUxPeNPv3yLJZgP0X7oXgx35-HFhzAjfiKJRrvumA_tbj9yaOe2yMb8rQog7p6Y0rbaHv-hXHCKvNLqElnFZt9UM1dZU5EewhmQPWJZVtFRucC-CRoc6kRLP2g_ve_YZfnmfhUq8vlLSavPHlGH43yLoNyBRMfmpoM8Rl0BIAoJ7bdMCxbAdA9k9UA0ChcctndS7UXcFaJXxUE5sk5OpiyDIPPZVcFsQGX-L7sojZYTes6VhCklXqhaUZRJOP1ifZPUxiMRlYIF6csMQSE1qafl03GWjp_L9gmoifMh8Zf0aoULd9aMi558k0sczUkiC1X02AC-2pXJuBeyZWGmlzD1KI8uCFdywEjPv82ZycbzkUkA1k8YwROE7iMRT3aAUGfwnoohM4BIVrtnHLrH1Mmwgqg_xsugCfkyBta8xvVRZynSXKp4DkPcMO1WrE_yqlNIjOWmehuNpfeVhNyYrYq7vP7sGwv5tNdVKdolNRorVdwXmo-tUAb49UrBzl3EGLNirEFiocnP285EW9GO6ak0ntez8awx8Gu_DasWLLQCZij0mV4cLmjE5UfEofvixtvcnSbiQl6-aBteeax2uJkKlawQUlj0eFUyBq64HnPTnpNyXOo9Rxbnd9KOAoV1SRhkSfaadg1Nq0puPJ279b4LtWHNaV9eSsRqAlE4QA-NyfDz7ooL-Koc-BRbgKBN5DpcBBu5jYYLtK4uL5xgOMCFQgg2cekuL7lW5XPE-RRK2f3qWlpSSKzTBemX3XDZsW1RrrpzW4jDCg64CcGBcjN2XbIwQ1L2d8tsGowAcTRLMJ8iYrTypPR-a25O5iDEKiGvykNSW1ewzLmmBv5u1AUOT9rI4qs7S5akhm1aXS5YiGkp87T7cAE7vjicoc1wXqhPClOLgXU8jLk6KR8-dSiHAEEaUSXYZHgDMPcfbtBRJfLnlYYRfthbgiLYj4uew_QDK1YTxKOu-0ap686e-K96uFXhbYAnAP97KATp1ygKHCr_AJ-vGOn9Qy82BdcFOjmwgVHPcHc0R33su1xQVa3JUk-IYjSZTV8C4vwNoyyPNLBxu9RYM30jHNHOcF8Idi0IeZxix5y8h0oIWDeQS5eG_2Lb06_gwi-TbgsmMhVrXEaiu1Z-0O_PdKvK9RDAQOq7JQnNlcasVj6wLY4GorCGiUPEiDzNSW65NWmGxSFaQfXTajNle_23ZbNtkzeqpeJypwnYCVsx6y8cpaKyO5TMLAOxUZfjJ__vGqQ&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=13293513632237795000&adk=929882888&idt=140&cac=0&dtd=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:08:01 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame C551 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
45712
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
truncated
/ Frame C551 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
693971948a7c61c749e3d153c5a5210bde0b82e949b984c6455754170e1ff81e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 2C2B 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx63fz&chm=1&ctx=2&gqid=zO2nZeOsGIXv9u8PwZ-M0A4&qqid=CPCplaLa5IMDFR-TjggdsesEug&met.4=fb.e1~lb.hv~ol.x8~bdt.-lz~bpp.-93~idt.-4~dtd.0~dt.-9a&met.3=492.e5_1~492.e6~113.13v_2~112.13u_3&met.1=1.lrhx62c5~6.0~7.0~8.0~9.0~10.0~12.1~13.du~14.e6~15.dw~16.mg~17.mg~18.mg~19.x7~20.x7~21.x8~22.ir~23.ir&met.7=CAUQCBgBMP4DOKwJaAFw8gN4yX6AAZ18iAHywAKwAQG4AQM~CBsQBSD_AzigBA~CB4QChgBIP8DKP8DMIIFOIMBaNUEcIEFeIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIP8DKP8DMIAFOIEBUIAEWNUEYKYEaNUEcPwEeNhEgAGsQogB1KEBsAEBuAED~CCoQChgBIIAEKIAEMIIGOIMCUIAEWNUEYKYEaNUEcLoFeN-HBIABs4UEiAGS5wywAQG4AQM~CCEQBhgBIJ8IKJ8IMPIIOFNonwhw8Qh4rAKwAQG4AQM~CBsQBiCfCDh-~CCgQChgBIK4JKK4JMNYKOKgBUK8JWIYKYNUJaIYKcK8KeNPCAYABp8ABiAHMhASwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 3BCF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 50F8 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame C597 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx63ib&chm=1&ctx=2&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CP_flaLa5IMDFReHjggdaCUHjw&met.4=fb.6~lb.1s~ol.5k~bdt.-1ja~bpp.-16l~idt.-xz~dtd.-xi~dt.-1cj&met.3=492.c_1~518.1t~555.5e~556.5e_1~113.8v_1~113.8x~112.8v_2&met.1=1.lrhx639g~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~1.lrhx634r~6.0~7.0~8.0~9.0~10.0~12.1~13.14~14.15~15.16~16.5p~17.5p~18.5p~19.a9~20.a9~21.aa&met.7=CCgQCBgB~CBIQBxgBIAgoCDA6ODJoCHA5ePAFgAHEA4gBshCqAREKD1BvcHBpbnM6NDAwLDYwMLABAbgBAw~CBwQChgBIAwoDDAzOChoDHAzeMcIgAGbBogBiA2wAQG4AQM~CAkQChgBIA0oDTA2OCloDXA0eOhKgAG8SIgBoLoBsAEBuAED~CB4QChgBIA0oDTA_ODJoDXA2eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIA0oDTA_ODJoDXA3eNhEgAGsQogB1KEBsAEBuAED~CCoQChgBIA0oDTCNATiAAWgNcFZ434cEgAGzhQSIAZLnDLABAbgBAw~CBsQChgBIA0oDTBAODM~CCgQChgBIOgBKOgBMJ4CODVo6QFwkAJ408IBgAGnwAGIAcyEBLABAbgBAw~CCgQCBgBMCk48QJoAXAoePkigAHNIIgBwEegAdf-_________wGwAQG4AQM~CBIQBxgBIDkoOTBvODZoPHBueK8HgAGDBYgBvCOgAdf-_________wGqARUKE1JvYm90bzp3Z2h0QDQwMDs3MDCwAQG4AQM~CBsQBhgBIDooOjC4ATh-~CBsQBhgBIDooOjC5ATh_~CEwQChgBIDooOjBoOC5oPHBleNM3gAGnNYgBs32gAdf-_________wGwAQG4AQM~CEsQChgBIDooOjBwODZoPHBpePpLgAHOSYgBh7MBoAHX_v________8BsAEBuAED
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 846F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 3BCF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:31:11 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 50F8 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:31:11 GMT
WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
pagead2.googlesyndication.com/bg/ Frame 846F 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
86477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19599
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 15:08:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame A9E7 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGKWd_YICMAE&v=APEucNUDaJ-iKXPqJ_bOYqrbS-21FCKRytLTxN9eiLUwCdSwtpT5I8HZ1tqytFkjATgDjlL5tBSNJQaz5mHcKal-eYPzX9fHIPBX0viR0sujoR6OA-CpZ8J2ng9Y1DlUAb-Rnt0f-wE3PycfKl4v4sFFMCAzKN5hsuZhqUA5_v9maPiuHw1C5Zc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 08B7 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 08B7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 08B7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
l
www.google.com/ads/measurement/ Frame 08B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRa6KJZ-7o39UBqMIZ1aBLdwkdf_PwnZz3VH7uLs9Rv39BUPsHYEmWl5TpbW5dloGr8sn53Jf9oReOPbfdAB_rWVPVWNQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 08B7 		205 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:10:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJO_cHVne2k7CUSSOybF4IlC7l8_6ua8Hq3KWJE7PkWRww3b-qhsbgBbpLe3JuHflmMuwPPoN-A73Vr-F9fP7ehXjtG93jXzIApkNuQXMvdnn9lxo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/16194089670991452542/ Frame AFEE 		673 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da10d8b8587c8c2f57b549a436dff23e35c7ba130d315e39be083470275b47fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:06 GMT
expires
Thu, 16 Jan 2025 15:10:06 GMT
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F18A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKpabPM_TS526cY2Ax0H3Ow6xMg6jLXe3Gq8JIuj_HkpE2n9-2MVJHp8slQjj2DZrEWBsx3p9PywEMEvMPBO8Cbr8KhkDum8pusld8ZnFFb1agZ7GXyxV_QVz3C0SGpf9Bm-pVZYWS7qlibE3vvX_-thJA1oUJzkbbvQA_6sTfQkbGFgcqdkPcvnNl18reARWQFImVpA4rwwGbFlaZ8KEDuI6GfL0paomChhEaLnbUYy3VBqnJ-AcsQeIu5o_6brsrOfmdX8d6-scZWhSSRY0tePGKWdJfdS2Phn7L1PapK8eZ2R84PV_4g2OExHI2-9Kzo98z1JBD6N3KKa-SPlrBESzijMl09TwYSiS25v_T50zDEr3W9c5NWffp80DMcyiYbheuIgsnKDBnVB4AFaGEI1qArlFqMTV-dF6Sov3pKYPV-xDLkaCdqqNDekArpkhTlgTbICeZB7DvvHTYh53jkTYyjKz6qEiO-HdsRvK8Vcs5BDOT-tPGUUzyq_czpnIXbCLnhhYIbKkx8NcyhR-FZ3UNQvCofVX9XaV7trVzapYpK-hJUlnxpgzLEWZDjQFaE3mBojihwcMDSzBv5Zadbzw5Zl3GKu8S0aqQPN7GN7icWB2elaetYMVV6o8amkJL11qwMqlVdciqPJrBe48e5WznlRuSkZLMBl4hE8O2u6B4CL-_upssPN4Qnxxgep-iQrPv5cbP6XSeqOpRr-0LSagln4pJqJyFZWZ8aAbtiy8fgpQZQgBxaQ8Ovu4aVq9f_56nnzqGOJMwuNI1MatrFERd_l57qO68cmJqPm_RIO3IA1ZozB6O1voTy_hR0Kioi8ZxIDH4ZyQD0wAyoReaU6cT2jkUymQ5sLibzDoJMMHxMtaW9MwPoqlX5hWAd-0NEJB2WAMUgoQUAZih-uYDgZ_4DjBfsermsCInDVRWZGutkrCM7fw2u2HpS-Q3mIMvqXyHI350SPbvE5QAHy744k03VkQYIjrbDHFHJiPh0xLqBs7xV8reve72r-MuFauv3BePqLFN7qHPkhfayfcqivvD0rCj2ThlFoUwspa03vwfLtwseoSdlJeV8E260mA_8ua2oiQEZoLWcdEb6Apff-MIsYjK5x9N8YT9VXGFCpNpVyXEa9MJk1-XasnDw1v0cS5U01_OwtPRrg5uIEbvTexGocbZiuOspiuaFCgO-LvxgXhKM8_WiBzvpy8ZtcJGMeOjY0ycKO2maaVzkxZr4JjlKUkg3BkBzYjaahvL25TxnZgEGZRRL9lw7J9nixSyBM3IZRFGKntMVDQlMzvy_sTwhO0DLKC7i-LghwZPBaK3KilJ_KfZEY8XI9VAeDppOlUZ&sai=AMfl-YRudhAfa79WGPTgNKgOZsfxY3z6PNF3h4u3U1UsI4kjZpPYAHOOjUznvdH44ueVJgAjJoKHVLp5HSSj4j95vaha5w5MG-tEWQzk2IKxdYMlxZ2RCpsCP323O9IDRSpcgnJADIg7jTZmSnNCG0rdHnc94aQztEKAlMQC5wbVA8GRSCtZUy0SlvsvY04DzIL7OkGFOFSlc8d3IqR5I2MpmcWz7eKZm9fKpK7XjMgaM5mPUSJ7UU1tp0E5GR7ZWUjR5mhjx2livggvJsB4KydwL4f2NapqtGihWadLzOIaug&sig=Cg0ArKJSzN6yvbtiWa2_EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=321&cbvp=1&cstd=315&cisv=r20240116.55742&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/16194089670991452542/ Frame CDFE 		673 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da10d8b8587c8c2f57b549a436dff23e35c7ba130d315e39be083470275b47fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
409
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:06 GMT
expires
Thu, 16 Jan 2025 15:10:06 GMT
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4145 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZkBeMAi66GGRT0StIbjYSBku2L6w5U5xoewgiHyi1I382txAsec2wn6QnK01bW4DZweBKis8bsYPewYWI6HSoSCs4B5hTuTbL_Qq__F00GocrDQoTWrtGeG4YVl51cVBRWGFKBt69UPkzKiHMImdw-jOV2tM7YRrWta9zcmW7PAJp34Bw7uoU3SlCnRN_IqjobWi0AtpyjdrBFacawJmDS0WB7zsy7aN1ffByBVosVZlRIbZI0Q1CgjNECIveBgMfT7BqxDGTc3E2L0uB7Wdgmz1SvIX7z66wtDJk2PzLHHAc_v7T_9retTx0EqCN6VoWN5F8GUeFRbk1vo-TfOwq6hdlCGuVNrOsuoaez_H6pn-0iKaqm1d0EmtiJbEwepQCaVntAx4ldxFd4B1wpNGtpukiCHiBuVytmj0GsZBZQKvA9uYFcv4tIhjYTOx-lE-bhF4oamWJ3mE_lw_OZ7zXbIvdEGhHMyybAA8itnuXbYKgzXwh6T4dAgqJnYwIIDiciprZiD8unTHbfahQIETBJHmDAhykZhiDHdia3KO1we7j1yOfqHNuf0BOZMrs-PkL-RGicAu66L28oGg0v4Y01PULZIbnoxSCR4HFdp1JpzZ6y3mv1DPytg2H4W7lgSC1pJilnNLKBYLfbA1acuAYfIs6ZoMvi3u9Nw6ijvQCpA0-GoLmgHQyQGF4i8KUDQgTANGN5L7zJGMpAO0qcRgfDjOorOAD0z_pIpa81MKaGKQzSf1zk89_fbZCoN8qp_d_YQPuiLd0eMBKDfQ-nXeE1wemMTDeTLMMKc3YQ8zSMyptL9q-iATKVGFu4fX68d4QcZzh62577CBoqVv0WTgrm8b4E2x-lS49JE42HU0hDEG8jvFYIcBf8oWrpzy3hNkFE5aQFNYN_wrIEioXH7al44f8YhYOBqYhFuNz79SyC0IGQAzcF09Z-yEOIW2I1DzFi_Y3Y_wguZUPDYMv-ZOpZJTUPU2Eqbi1PpOudpPiXTknwOXIY5fYwF_gR8A-BRWK8js1wC1BB7Uq-SwsJ4WOFzP9n2QrP_Qep3offEaHxe3JO-Re2nfQd30qE7O7P38wq42Gq5D0b4nL7BvZdb-cUCcodCdgwYVtr6R9pZHSqa0FYnN_UkylCqE3bifJNIrSi0g4caPyFS-cad9SEp0IPmYvTYlKxmCpDj4zJPLdbLQXcq0Xp9_NSG87aCddl-ZiieAuPnR9f5H21emj3XJUOHtegjk_kWCEJ1kFDOGEGEO8KYW1iWjADNrhTWV42kSyXO1T-qmvNhNTm6wer7Fcz23Nocu0yR8GsiJDqDCxv06Wm4seUaJrX6qy&sai=AMfl-YRQVYD8R43aBs8maT7JPd67v1RixniNra-wOV6okTfIamm349qRjYOFLlGqNJw9jFoa2-iFNZM7taQRsL48XMwTryPa2NIwDzM5vkaYEvf3oOa2Zlei6wVO-9tT665m2ZYAREm3pG8bFALn_IP7tWwkZ7ibw94EiTIzmY2_F5D0-wG6pxq_SbkCpDmzm2p0zH4JkzdyTIAIhBCyd6y-brMbEKyuz8VhMVlHKqadRRJeByeWkaxhrJq_TtXFeTaT5MxMKaWVCCC7UdI5oNCLzAlDrT42u4LhN5mi2pqNiw&sig=Cg0ArKJSzLNVHPdpCIkwEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=286&cbvp=1&cstd=283&cisv=r20240116.42857&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12977775661556909822/ Frame 48B1 		671 B
439 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
153b9c71df431376e7e82b2a07e232527d66b0bdd19660c177e19f78c77cf564
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
410
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:06 GMT
expires
Thu, 16 Jan 2025 15:10:06 GMT
last-modified
Tue, 16 Jan 2024 15:33:51 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C551 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYPI0UDlDQ1jr99ScyZa44uWXrWaprpK65bXyQkbii_xcKAobTm_R0fIk9g4yk-agBLZRIu8nidQtxVNfwyLD1ZswWMlcq4HRIe9jO5lUtW1X4bp9BlIYCEhU4ky0o--9vu1WA1V2maYYShYpGFmlECMmI7IVb4IIX6I4nTRIavEt5O1Z9dR8UBbY-AJz0VPzgZohFePn3hpwrjOqRFBPSDIjx5z2L-JP39kzAA114ktsnafHhABEcF5n47SZQobvy08pImciEJFaduWFLrmHfluLHd90bD4y8JaWorO5rp_rryqyzmZcCVPPobjGIR6CwusJADyenoohipwpbjZO9pjjZe275UiRB1rTfy48QN2N-qtUUYavvBlrtnHUB4O7MPDOQGPeARuiQbW4YXKDb8ukmhQTMz2OLdi-JvaoLlrsOGpdgYUcNprJqHwYrrCVZu8zBmA44zT7eesaaojNBOa21bglt0-VqiY91u1Lh_B35cmaT8U32pOmj0Ns0SWvgUl0qsGW3a9RJ6pDqHFHx9YiCSFareN1s8nZV-jD_6X_JlPDsTB-IcVwklLZPjVEKexxS0d6yrKSryzB5LR4u3QnCPTUUJbFCTyVZhnvw0TLviYtnxz84QhLEQkoaFwlfpP6d3RyLyqQvKQ0JvoHXaw-tg559mpE7drL_T3LiYi4lCfxf_Zllhi02P-6QmugZR2tLRdX9SEOTAl7xTwoF0irGnBvwPVwy69y3y54Q2pCTFSLAduFmIFnB8HxuFsRekC7lykZK2t4q752VskFpFP0kN8vja2Yn5DR04jTE0RfFR7G_ZFwi8IyY-l_htoYAXDo9YSOIJEQrZ8QpsB-KqCTtL8rN93Zx8Azd_qDkbL1IVH1CQRA1l9PitjXfw6wTeToGfhfTOrnlx7-nu6JRL6uAouQ2lJnlPGzUigVARNlGnyr0J-qcHLaB5iMQxjo5a3QXkiSJkZougec4kB348tOulFM0dTsCGzzEJT3lFsKRrRBwNkQXK8Lm95swTinXCb3SXRdt2L5FnYM4Vr0QrJSIxqZUVSbfrXAEprNLMF0w7PYBB9U2dSzyiNgLDEjRO7nLHzPSNfrBULZLXXSH3Vwkm9dCvgFxORGPFJToUElh3cQ2zzGN6YROBM84P8Ct2u7VSo4O_Fhllz9LPlu-Z_XxThnhB6tDZXT-u6LlOxOFqOzNphZfI0RShgXgSQdppuzfzJGBm76jpWvS0fGYaTIKqM8ajjHgVrJZYbdFi-upJPdwcLCtOPlLTS07y-ZCsGahNLg0QXdcDmvx2bzVw7WH7C1IC0yj5mAAbt2nBQ5uoSwO_lG74ODjRskF9Zpof6T69gc&sai=AMfl-YSobcftFoVH39cg_R_mSlasSEyg3q89Nv-CmV1wMR1ebCEgVh_z2phMYdpqeZ-XbB6wVfVUldV93nNAkb9Tk6aODZZ-BfGIPxOLsoG6E_wPMy2bxbyu1ssXA0-CiCe7USNIdlIQgA9iQ_cRjbZjPBHTmLEjzKELauu4E_tjUhyQLRmexxy9JPymI8ruDRObKeliZTEme7_eSaSPaAHVw4-i9u-s5SShxxQDo1SixRqCLRLdwI5VSJHo1OA1znRY77MlfOxZonRoD6sTT0qsB6mEQj9fYvDrZyNLwQ43iw&sig=Cg0ArKJSzAGxBittWj55EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=267&cbvp=1&cstd=263&cisv=r20240116.67952&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame A9E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGKWd_YICMAE&v=APEucNUDaJ-iKXPqJ_bOYqrbS-21FCKRytLTxN9eiLUwCdSwtpT5I8HZ1tqytFkjATgDjlL5tBSNJQaz5mHcKal-eYPzX9fHIPBX0viR0sujoR6OA-CpZ8J2ng9Y1DlUAb-Rnt0f-wE3PycfKl4v4sFFMCAzKN5hsuZhqUA5_v9maPiuHw1C5Zc
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BDrGxGXg1KKFXLfXkavYeffBOFstOc1HWf2v09qf%2BCqT6GeIH25F%2BYbuF8dULjyIed7bVFWXFLnasNoKDrQ1KJtyvthnEE7hGGcq90AB%2BQl6tAYovIEuqMqWjM4EdLTP9xxyPGyZ8AcKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e89a7f451c-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A9E7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaftzbSKeWwN67RCUif7OQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
43 B
736 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGKWd_YICMAE&v=APEucNUDaJ-iKXPqJ_bOYqrbS-21FCKRytLTxN9eiLUwCdSwtpT5I8HZ1tqytFkjATgDjlL5tBSNJQaz5mHcKal-eYPzX9fHIPBX0viR0sujoR6OA-CpZ8J2ng9Y1DlUAb-Rnt0f-wE3PycfKl4v4sFFMCAzKN5hsuZhqUA5_v9maPiuHw1C5Zc
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EB9qa%2BL1r6GVLhMGmwfZs0NLIWzhoEDjrELhy1H4C%2BGVF9KkjdCJWkBY3ZrucDFImIM8j35Hgl3JqMshnuS78tI0rJVD2J%2FMOryM7U38halkt%2FqM9Y%2F7TYfv9EcRO9hb5tXDkEzzWBE9OA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
846f85e93bd0451c-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBuFcC0xuS1jWKGprg6eIys&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame A9E7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHdSe9yZq2VOAI4sVyI9USg&google_cver=1
43 B
1008 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHdSe9yZq2VOAI4sVyI9USg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGKWd_YICMAE&v=APEucNUDaJ-iKXPqJ_bOYqrbS-21FCKRytLTxN9eiLUwCdSwtpT5I8HZ1tqytFkjATgDjlL5tBSNJQaz5mHcKal-eYPzX9fHIPBX0viR0sujoR6OA-CpZ8J2ng9Y1DlUAb-Rnt0f-wE3PycfKl4v4sFFMCAzKN5hsuZhqUA5_v9maPiuHw1C5Zc
Protocol
H2
Server
37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
an-x-request-uuid
b6d1630d-45fd-4105-8a6d-34cdde424217
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHdSe9yZq2VOAI4sVyI9USg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A9E7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKo89UCEOuOtqEDGKWd_YICMAE&v=APEucNUDaJ-iKXPqJ_bOYqrbS-21FCKRytLTxN9eiLUwCdSwtpT5I8HZ1tqytFkjATgDjlL5tBSNJQaz5mHcKal-eYPzX9fHIPBX0viR0sujoR6OA-CpZ8J2ng9Y1DlUAb-Rnt0f-wE3PycfKl4v4sFFMCAzKN5hsuZhqUA5_v9maPiuHw1C5Zc
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
an-x-request-uuid
d635189b-d98c-4504-934f-4c304607e3c5
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mzc4MDQ2ODgzOTQ5NDM1OTgwMg%3D%3D
x-proxy-origin
80.255.7.100; 80.255.7.100; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7891764725259&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7891764725259&version=m202309260101&ct=76&x=1&cor=2200309961829521700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 08B7 		108 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPMIptiFFtsftUJs2oCZ2mFfJufbgzKZ8aSByGhzPghgbbIG-u3RzOiwknLkO-TJpY0A7lFhNgDMHHJRI1101zOANkAtHFyWizO-P9IjVVs92r-4bgyVL3vtm09UBjvQQEtQA7HZKkxfmae_31ZCy7YQTU8BRqNqYIf7BGBR4AjFx_Gz6lI9kb275HDlkjc_Tgeg7j&dbm_d=AKAmf-C32D5Wrg75xQMgPnsR-mAVABLOPssFyOUlOxKhzd4N8fwmo5UXASfA8pq5n5K__Yw5gvUJKsk5wvguos4IArZaYPKg0j7aFORTYfskL0m-0LhUPy3_jOw-U0f_tc_g05S9waC0PgslaXy6TIwNI9gc0L_mZYa0lIhK5C79WSN0_RTZXuHMGr9dx631nGEtP57VRQlXkLimhfFg98nELAy9HyQaliunuEBYYF3nZw5xlj4N9-83dxZBXYSOO_rpYsUQjrGfnguD3YbuEx3AAxYXYkhMvKeqt0f_B7P-CmCigNJOWCR8tNm0hYCpCsZgOHhJ7DP-vcC4rYbQKIDtMJDqmkG_lBp7U7EJMfxm72Y3Z8eu9hqVlAuu9EIjJeRj7FZyLJRa-A50huWD-l6meuvK5q4I19hYeK7PV_HZbce9YHAF19CJB7xPOIQWb-BInXmh-H0wopn5s5gTDMlTJuyUAfCtH_rk8YNGGxpq4YCRfWlB9xxgyFqRgL-pfPJ_SPXZVmgH5ewWGP27Z_fqp5Iv0tkz5_z3K2tD908qjNC0f27GFFBc2yVnbCD_ZnBESJ269B_desv4JDJpttLkzbdas7_G2SmPBuO_RhYdXWO48ZPE2FWoSn_--v-2UWggkSaCHK8n3i02R5KEkUB-HtIzM2yLXX6nXGBMv1RUy1a9QrHKwtldXHR1QbxN08C34hRoiQFM7tBWJonXbZtaalqffqmjMTDIVNc5XKi0m9wblX_XMAh4J-U3eipqd1_o0L1ltdVj59uKmxACpYFeCxdplzcVzw-nHkkPBJZR1dnwJ1ckzdAGaKjeBCJt2FKxIYzf05edWwnFSEtdK_OwWsFvKUbV3WSG2qpncP05AwMBE0MEH4UYcrdDO9x1bblHpj2bHvOKh1sK7a3C8rXGU6x_dzXK5n6LV2_WnlXk_YCupuLhMGXki0gLiXopfv_hTqH1I-fGvuwjcSdzrJdGcb5z41OJtuzT2bc3JVDwsTyTm-WByERSEt-DPMs-kqSDz9U24EYGw7n3CW2AY60V8Ctfe1esi2L8vO4RIp1Kd6_oCiTGb0d5FtbyyU8W4iaqIice8Y9oqX98HCE-fxA2I2AQ_eDXeen1TQSLRXc9YSgmglWxg34qgJWXvhOCz1XX-UYfMk-QYjv3ibKfz9OTVC-dXUgM5muCLPzgThQRb5jKqbujSxodPzePhbIPmdfuGyarxwpAfXraNt5nOhNO5euOMPL3G_vzIJCVfNnG_kWjd1b5Kiamz6ARLcC-dYIjDqSobL1aJNKi_RQ2IujHYKfZUsH02G1P6sI8j_cjY2GH1mLiMMHrU8JqhO-LnmAzbmuRxUuRTvfSc1pYx2LJJtDXZDJy3PRiFCEMgSFPwHs31qibPiTaB7konxA3MOMkr2bs7RgLol_oYwbksjIPTwZxF_FVYyFsxkzaGpJaibcKu1TjqtV8NOyAo1gDH639BQE175UHaf4seom3gHUm3GFtxed-fQ9Q0Defgzi_Jbki-dVucJcHgl_mwQyv3I-2COdSNyqKXVPsdK4pRBynKhBgnwy3_C50QFFJE6JAMfWaffGH49af8dZSj01R1LueLw6nKC0sVWuSEKaJxDAVZuLhmlFjFro270eLjI3jjTNTziVhDonndd1qegElznRoIJfx5szaImmOYpUCVVmsPLFh1ul4GUH805osuarYE-IXrCmrlQPqUmwowpNUNFvtA6iChZvlc2vJ3Bd0L0o7YWFNR-_upriFnC6FBY_np_GxN0c7Q7Ql9gRIa3FJoisEdnYrqQZ5SyF5YOlY_EAt7zVeHQuzzvi9_NqjAtKEYPMUSiiM0w0jZ_vNkBrOd1r8pJ8cCp_MCn9hdHeP3wGMLL6rPYV-6NssaC2rQpEJCzCKFNN-E-wWNl1XkTdZnOpl69VqIytEoUDO5kblzWuk5JaE2xQrugsdj96YW96uxLoGNJcryAMqg7KpigoPROB_RwccZbkmM2OKozuG5x5W4M9aZCzm-21r_xC1qaaRJppc6oMnGQUAkIRILeksRwfuCk0JScKnlYZtKfbs3vuHekCNFopAIoZy2nIfywOTt_y3Dw9pN0S0L_1GvKb9lbkipd6ATIgDh0LhnJWJxxe1LB5Ed5AWu9KeMAP-62LKSkbAVo-ReNpJu2QcJx54htTzp8tuZiQn9B_9mXerpoNfjQP84FWtoDL5s3XerJ1GWaZdiqP2wBNJPnGGNUUEGxqv7s4L7FWW-8qvQyV5cnu2wjmzN_FsxvZJnsP9Z6lbdA3WvxN9h7gvel5A3RldN9R8zBaVHjfIWobp_lMReiHGTna7K-DQxfBqa9PpFIxecZCOnUSX_SazoBtPwnzXW0USGCDl3AYShyA8AjfmH9GGjbOjdcjNLeT-1iJZu2UcnfyuNz3OEAsjq2qLihf0Eu931BxDjxNK9Irqxgfn4ePJwXFmwI0fCrTm2uA9IG4vCwPjjfq7V-gEEOto8WCviCYbTwBLQAT5pQS9Hgm6qKUgZCZ5xQdSjNRFk5S8vEQlrwKgaNmDPBhwattdB7YkM7fUwII9yzTxtesUYtO-eih10EV67_CmwXQyLFUg9q4NsN5LeztCpDptLx6MqCdx2RrTq0DgtJYTfT9QivlsdZuf3mI-LSFmt3GXwEL_AdSBib_XzjLmqohTU3CfpGFLyVI7dA7Qg3ZJMlsgG-6eNf_aSiOAqMvwUKt11vFScfVutqSb5Sv7OEA8YEg9UDnLYybnHC_YIC40ETY7djrXFCiVpyveHVfFTRRVTYpT0eIzsqUyfjDo8OPWiBhQ4epBDfdwBp7Ws5pIBgpDioeG7sNll_fy4420xowPyIAKKY2lRYfhuEDheYdbGD78k8wIEuAnh6HdI2f16MtNYn_yJz4ZkJ730GT8yVVl-YtzywKKcIQenMsCm0WKSaMii9Lvo8ffEnJsxzIZe2JEy3VGOnBBlBQ0heyiwDfOyRoAcu90K_70lCXFHkGTffyx2GIZgDHehLKS-GRRTYaZgxx6hGHK85UmrHYlB5G3XI2E504HfAthoBY6M1wWpSb5gDiklndm1hm36kzuOGiVRX4hpjVff4bMsrDXnKOIQCuhRoiFKXo-I1Y5VaRhvBlEx9yKZmZ_KFW435aRj9vNuommJI1VXdkutj6QlQVo0uiuTpq6w0px9coyelqk_vRseIUX6ypmTzfjghxL0AHaWOsYF6-ldlgSw3uSBHSTTr7CqTPOjLT0GAGMGSiXwcDaOzfOcUBzxw0ElhzISGMJTSrpEjgFVZmO3f0USwqgXUwSBoAAia8LQyavxU2VALnXMhhRqACcHOjLcyes0B3qmBbFVR34m6zVOeLoM6avm1uZMIT_g_5RxgA6eAm4-l_lu2tnhZIRX32Th9CpHDG_ZT35yBzkkOtT79HorBkHLLeeqCTIrcMgdB-01VGQPUmboUI9J_3vDhiTQb4kqPhg9Vy1wXGMFwxj_uzohErrpXKzZ2xdgT7Ocvy1BzVXHID-8e839CZAN-DuNbk739ISnsMaqGVBO_0nveNOwVc5cEE62jKDpwzU5u00ydZZH8ljdQJ-p7q66E43teZkASmxV6KopyQYGjKLiYRS629Grc-QmhDyYkJPGcyI-giHzI9vTC430yXgYQv8f9hsAo3c1Kyv1i_2YBiVuoETEw&cid=CAQSPAAvHhf_VquEJ6aHznMmNyaSzfbZGy4bnpVjI_4rYT-07g9kP4efMI-0lpzFdoInu6TI20lXs8kMKW-XzBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=2200309961829521700&adk=1761367584&idt=117&cac=0&dtd=7
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a147c4ad6d7c25b8f8e60d007a049bcdfc63f9d250d56cf55bbc9ca88202297
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BCF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BC3j6ze2nZafIJtW89u8P_MC3gAwAAAAAOAHgBAI&bg=!ERKlEl3NAAa8BdJLnAU7ADQBe5WfOPDyvbcIFvo4kPS6H9urHRBkxLUAnG7ktonrzl8asb_UU-aw_D2ZIWcDz4WE-0tiAgAAAJJSAAAAA2gBB5kC_3NOWgvmRGtMSpkUg1f4bT8hQQHgGR2bGTht9fNUCsO_q8QwTb6XKixsXN7Vn9L98btAxHqYx7Yly2GsOn6fdrQcGa8UOm6RRZEQxRPyqLuI01pQqhwSdu-vDi9Ad8MW-F6fH5DoqClKWPrwabVhKYKJRiSiY_1VAFek-4iu3H-Sb6oThW_mYZaAmkZS09XWLubK6MtjaVd93XgvxCHAvonl7wlqBQZobusi1SkjlsYuX3G4Kb18JIob6fIHsC1IKlsJx5egJdWbZwS0ybo4DhwYaiKvgt-2IAyCYF1fBccWSk-CGW7i-3JAwldtiLJ980nhFMC-N5T6mb-RL1huT3ay7_avOlwsjUPKZbJugsoQb6qUyUG7GvuQqcTLOrpBFxAosCcWk11p3siR4jf8YWmCTY3BigPS5nbEJkm_ZeAllwaAYbg9Z42Xusq-o2rkuIOBS3LHvYxWhkG0PAec3_FvJMwseuDUPqwj4qOEqMJo_FvSsPumDxD3Vaw3CwSwJFb-MDyGlLE3ipm2ss7Q_Ue-xuJBCadzAyNCbhXlVE5s1Ut6jhhuIQRE4ghmxAWcDUP0UBA1PrCqfJ607q2lFhUNeF0igHWm2iTRKfij3WktLAeO5VPLb_0HRDjWfSzAK5s2mX4vnPCdytd5F5PUi55W3KhSdJRYm7v5cUGhhpBKlQMNnbVPgQGrPlU7H0eznNsLIUQ6GwLEcm12PdTr-5Zie-_NUIBB6sqJOkvl5Bp-Rh-KX2zzP1BnzQYTvk_kjt81CFhcKCaP-ocobfEYlQ8X5h0vXFlAFL5Bh1o_Qv04WsH0LwTDmZI6LdQ3yga39coGWO2RQxHXmvVFPfkqxx95MoEpK8pOkFLLDCrSnr3rBy9xc2prsDvKbGDia4X7NjIVu6H7_TvPwyFUByzRqS-Klm5QF7f-oMgqAbG_v7-UXTEa2JIiB1gwkdkUOPb7bGTWpe7SqtPyayB5Bo3sqU3pzK-jMd9ATbR2e2qYE26xUwCrhLy5fMX9l-GVVums
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 50F8 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BawITze2nZequJ7nT9u8P0KKg-AYAAAAAOAHgBAI&bg=!dXaldjnNAAa8BdJLnAU7ADQBe5WfOKopfu-RqhH9gYe-JUr0GURRMqMD3NIBwuIEzJk8C_OZmE9Tc1C67JsvK_Eo28b3AgAAAI9SAAAAAWgBBwoAS8v8QfxLDeNFqiv4PoFLBeTiYfALpRVogaLlzLCz2GuKkCea71vARJCUdGTiNzCUK_uEVZdjjBt1RckgQIlL0L6UjF1SEMDXwbRKJpkDEienXGZfR2J2-iUg0ragpZ6MYFFKSTn2MlLjELdzWSAkofVdDKWLOclWpTbCvTFCjUeGUoeJ3bElLh6HHL_y7ijvoNn92nfLaDVTWzC0v9lKbnpMpiCuswirxx_tdADOBUbwRaqEpj2aeFeEQ0bSYlOa2pDDqmxkNytqF5pxFgLrBGUkf3eHAE2H16CNTj5a1zYiKu1j7uxIGxtrMDaCtejCHe2wjFm3EIRln2rRKM4uO_z-tg6OhErdvr4K2g_2GRWK8X77yQ7ZJDm___l7rcUq2nX20OfeNkGvEkEU85vrzNAKfQx3HQCJXva8zd8x_x8BbdWVL15jX7PczsaXVU6MTn9xyIaNZWIRbs0XIxBlTo9-o2dkbCZD8Kkdel2F7qWA2WafwYz1dGPoqAtmUau89UkOk6Xq_oTQBFxTPrMyx97Uv7urEvC1HN6WS3hwf29r3Sa8Kn5H1xb_VhQZksBhN50u3CHY4xVBj9R_Svm3--33dQ11hd6_Hv9Rs0SESBSaT_lN2rWxMXDilFWF5TVoqJUVr66d3whBaKH479SQNn96X-nLkEtLdV0BChgMMq60l-ymmSoeUPote8M8VmKk-JZyAClB0P4jq0TZ7cHo8K0nRecPwzAORB4L8ReHLtUMybKmYd06wU0aJEvUT7s-2cdbOu-IpeQDgHRRN1AIfYYCBxK9v5MwpeebxWIeqBzZD6W-85A_FRg9ShFIEKCU-gExYvtFxjtD09UYs1JUPvbCgYWCPZuW91c7F-B0maKZ6cgvzJu-96Vm4aG9VBfBf3t46u57NdsmXzPjYP5cdjcL9WxSVRJ0d_H7ve7PFATtilRr0Z9vyrQXySMSJ9d1ueCIu22qp1wlsOeRUvOnY3Foo1J1WfX4SePdvihPxPQTy5jIptI0e1i2DXPraxbtatb1RYE-utLawjCEgp6v9HLYb2BiDobFcW1o_KbRHUunDCUCXMTrU-UjbjngkMD9v5WthScapSexoX9ENidyEmk1jjsVOtIQHnULqdsBphdgduFer8fjJ1P0u5UxsLSDOA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2C2B 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsug3vU4zTMyf6yh2HbUEaDcGyCvUXLQEMScjA9fjIY4JrSQP9IHemL3cUPOX0y4WnKVShIzrO6bXAa36CXY35fKji0Kc2U6OJmMnvHnajYZPr1x7fuoFA&sig=Cg0ArKJSzKhISta12UjaEAE&id=lidar2&mcvt=1006&p=0,0,280,1200&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=0.55&if=1&vu=1&app=0&itpl=20&adk=3127313283&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705504204373&rpt=792&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 5A3B 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=AV5FQwjvnEF7U5QrOUcAzCR16N1XVR6_EOUVjPbw5PcbqxC64dkQ1jXYexDQyBwI43S6NPzBn62SSrc0H35pF6BJbScEI3FLwZLmHoPzsFMqALJf5---XgwY-EZKMOnVj9ossspLrHSxIBYxOgfDEeDl0VdGUgiQTDeRXD0LDvLzCxd8Y2VwJIRwGgAiw30_gnYBG9uwjBQY_bk4rt43A4F4uxY0PlfNZcKbVaSGYW_IOVfWFO_WD_bi49IZhdZFWiNqUg&sds=2&rev=90178&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZaftzAAHSfAIjpMfAATrsTNCspt873sIeBAbPw&u=%7CvxOjmpYt4c5bWNppj4a%2FcATBqo9ouGngG0TmeF5gn5o%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC86wfSmyRjLjQ2HlU1snrP-kKGzdzDuHb3ffNqbpvK0_-3myhivls6z-eT_707RfgKbR8RiA0vQe5r5udZ7kOeUKLBKxw_uoTtN80_Ykd7-ZeAFSAC0P4YbG2OLzLbZzBJIu29H6cIx5VPybDOhRfaYBfFBbcJNWIxdybf8QG67I-ZH-wj0Ewr9XCaJLN8ekfKA6IWGUoLqQcie5NYXxfisZPrCsCB35C5wN8AKIMJV4sqQRTBX3vZJXUEhXVX_jaKS_12uWtKY5roMCV4xyQp42zME8CsFh1yuQP9vM2i-ttyzUJIFor484ipyitoELBZQ78x8_xOWQ2dxMloUGtaWLk0pxubP1IAeScNNHSLHRcvejGwjaQJJbN6YtNex4jBMGrZ6zBYTx1tKaU5MI84yLT2FqGvfvFmdAjJoxbyOpEi7Uw5o8cq5SoGgw8e8ruFQ-E0dj6iNcdAu6Buz8cpUl5WsSfSK-e1WduNcSqCTntnuwGNABt7ygR4lcXJyClGsu7hBhWvjV0LyzncxLtv337GR6EZ7lz6VdxVbNwjP7wcft2tOiLoZq08faEjWKWWJC5EooCJEaBo5DuiZgyHu7U&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQdcbzO2nZfCTHZ-muvQPsdeT0AvJntKxXLWY49aTAcCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi03MDUyMzg0NjUwNjY2NzIxyAEJqQJTBsBb_z-yPqgDAcgDAqoE3AFP0CWYPcdQ3NTXTZlUpBa__eY_B9kHRSmEO0wpEV3umIVLST3tOJwtG9kSr-pS6fkT0bSKmVHnx8xZ_xLYJnq3UvvvbzAtTVV31VRKf2qwEjYOgMJZynNAyx8yoxhKCza4Uiu0UGpmnibm-6PtPns8ng29vtYiYEAfHCz94tkvAFTkhe7_v_Ret_FeIn-fZ0am2-551jGcTEQ_JXSgjkBbuDsHgjvRur67-78erJ6bUPwtngnEdSmJh1CIxRDmWzluTSCuC7_wrJN3ttEzKkyC0W8Gh9dCAsCh-_ttgAb1p52QmJX-uHCgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYtvKQotrkgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3Bqm_lEAp3k2R6jEV3mV600ymZRA%26client%3Dca-pub-7052384650666721%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 17 Jan 2024 15:10:06 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 846F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B1VxLze2nZbCzKeTB9u8Ps6icGAAAAAA4AeAEAg&bg=!5uWl5arNAAZVxkGXdcY7ADQBe5WfOIGXXrd0z4u7D8buE3OX0Sgw9wJ0BFbxEZb7yQ5k7WGkTT5F3f1VPSyXEJWd0vpoAgAAAJFSAAAAAmgBBwoAdtfdPKuYNP1HiK4RSeJU8fG4OHjQHxWhIWgXjaLbIqmsWh2-fuKtskbOOASMRluHjO6yERHTF3d6oWLcxx3sgqGuJXC6JYQC1u11du6ytQ6WnSFXYAMuQ0Ppmz8u3VDHbNAKi8P-wAxCtCS1PiG6Ce9H64ALvmiZAwRiaP6QlXuPnucAEnCU_eHQLYGt4HDUkjWZrWNtspRLeemWFktcjmzGLNagoSi1MC8nDJB8kfB56GkRZH4Si2Wx1hSwbFE0eBfXp2CFPTcLG4oN-lJtwB4s2lrDh3KWEJkalyVxlTeaNFD1Qc3UdKJz0_kG0yzyOXCw_r8wutQMHuqec9Isct7JP1p4dozfs_27QMEH91dQJUDj4b-IBfJMEKKw4O4Wwppn_CWz4OBiUj-04fWuOoUVsjEhQq1Qgr8rsziFQom6gXzN1C5arVNR0pl6r4u6fXH_COSJCw4ypG-xoNFhm1F5wcQ3Km3T7-l-xkQYqUOfuoVBh3r6LsjpvuXFWLY3y7WN9lxDbhS9tNoZ4c5znIcoF1UMIX8kx_cSmAc9XM10A-BJpaaiyUH4ZXbbKsWt51KoX6VHEP4vpsWJSo1zt0JkFY-vz9WeE7eKOBn_9qELQcoOnDvOi1lpypS2RJUNpAHjHzgw2Fob_R-BWBCbSdG3P6_HslHojzT5nKGPdEe9_DPSBCluAksUgkWjzWfZEjttGFKH7CnEPg-M-qDqYy_IeptobcLHuNxUeWalkMimZK1-rsitBtzHT0xvdMzvM0v4NyMwmvgW5fwQvACkFH-NdPxXWNyrLWefyGIe4GV6ntvdFqt-DqkE91dC9PBaroTsuLcWcxoLSbYUB3DigY9SY3nvLfVfbGEvqlB0lAd8CG8mrY4sEWBdtL3GgE8PaDpr77ToVRTJSnwf2Tbu5IRhqSPhH6okzGw2I3S7yqLdB-ECLNfTA_zmbNm62t-Di6UDOCXQTEotW8AD-m_kM6Rp2xdPTHeubRCT8naX0Tq2kMgtYoWya5HTdGBF3i9KVvNAgkaWdLnMi1lS7WsQpTmivqb8rflPIFhk7eGg2NP4qKc-lIerBy_6IVg0ZszHgrL1QSP2vlxmFLzxdO7PSYmj-sumWh42Uqb2ysMlch_sdevYiJlJnd3HuisJ-9MvQf1Q4paWFQ0gDsqy32to86QExkswc1NDAvzeV40w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 561F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 02:13:15 GMT
67b2cf2770e31c0fa9735c0b8b540980.js
www.gstatic.com/mysidia/ Frame 561F 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:21:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 22:51:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 16 Apr 2024 02:21:35 GMT
Enabler_01_250.js
s0.2mdn.net/879366/ Frame 48B1 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 11:17:24 GMT
template-2d058155.js
s0.2mdn.net/sadbundle/12977775661556909822/ Frame 48B1 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12977775661556909822/template-2d058155.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:28:38 GMT
date
Wed, 17 Jan 2024 02:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45688
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13540
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:33:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index-70c4f56f.css
s0.2mdn.net/sadbundle/12977775661556909822/ Frame 48B1 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 23:18:26 GMT
date
Tue, 16 Jan 2024 23:18:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:33:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Enabler_01_250.js
s0.2mdn.net/879366/ Frame AFEE 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 11:17:24 GMT
template-2d058155.js
s0.2mdn.net/sadbundle/16194089670991452542/ Frame AFEE 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 15:25:19 GMT
date
Tue, 16 Jan 2024 15:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13540
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index-70c4f56f.css
s0.2mdn.net/sadbundle/16194089670991452542/ Frame AFEE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 15:25:19 GMT
date
Tue, 16 Jan 2024 15:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Enabler_01_250.js
s0.2mdn.net/879366/ Frame CDFE 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42247
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 21:28:42 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 11:17:24 GMT
template-2d058155.js
s0.2mdn.net/sadbundle/16194089670991452542/ Frame CDFE 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 15:25:19 GMT
date
Tue, 16 Jan 2024 15:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13540
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
index-70c4f56f.css
s0.2mdn.net/sadbundle/16194089670991452542/ Frame CDFE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 15:25:19 GMT
date
Tue, 16 Jan 2024 15:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85487
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1455
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
css
fonts.googleapis.com/ Frame 561F 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 17 Jan 2024 13:20:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Jan 2024 15:10:06 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 561F 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:23:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
45980
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 02:23:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame 561F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 561F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
2336
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:31:10 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/ Frame 561F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240116/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
586
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:00:20 GMT
l
www.google.com/ads/measurement/ Frame 561F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR8sMTXMCdqaCPpPfAO5H53eJNOIB9QpRAsi_xdGv5nztQ0Gyv45gtcFPC_C1jOKw5boMd2lfa_nTZ9mqMZLwhz_3rRHA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 561F 		205 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js?cache=44809772
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c079199a5435fa99db800056db5eaf70effb0229c4440048016a325996678094
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:49:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
1212
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
63250
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:49:54 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 561F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 19:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Sat, 13 Jan 2024 00:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 15 Apr 2024 19:19:30 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/1875473/77671614/ Frame 08B7 		270 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1875473/77671614/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015657930&ias_pubId=pub-7052384650666721&ias_chanId=1&ias_placementId=20907174852&bidurl=https://3seclab.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jOvu4sY6JdtFgBUSovMTdp
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-100-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
33e6de7cfb3f4e549f0e126579ccc264c63f75503ebaed6bfe193e38ab603a89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 08B7 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:44:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/ Frame 08B7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPMIptiFFtsftUJs2oCZ2mFfJufbgzKZ8aSByGhzPghgbbIG-u3RzOiwknLkO-TJpY0A7lFhNgDMHHJRI1101zOANkAtHFyWizO-P9IjVVs92r-4bgyVL3vtm09UBjvQQEtQA7HZKkxfmae_31ZCy7YQTU8BRqNqYIf7BGBR4AjFx_Gz6lI9kb275HDlkjc_Tgeg7j&dbm_d=AKAmf-C32D5Wrg75xQMgPnsR-mAVABLOPssFyOUlOxKhzd4N8fwmo5UXASfA8pq5n5K__Yw5gvUJKsk5wvguos4IArZaYPKg0j7aFORTYfskL0m-0LhUPy3_jOw-U0f_tc_g05S9waC0PgslaXy6TIwNI9gc0L_mZYa0lIhK5C79WSN0_RTZXuHMGr9dx631nGEtP57VRQlXkLimhfFg98nELAy9HyQaliunuEBYYF3nZw5xlj4N9-83dxZBXYSOO_rpYsUQjrGfnguD3YbuEx3AAxYXYkhMvKeqt0f_B7P-CmCigNJOWCR8tNm0hYCpCsZgOHhJ7DP-vcC4rYbQKIDtMJDqmkG_lBp7U7EJMfxm72Y3Z8eu9hqVlAuu9EIjJeRj7FZyLJRa-A50huWD-l6meuvK5q4I19hYeK7PV_HZbce9YHAF19CJB7xPOIQWb-BInXmh-H0wopn5s5gTDMlTJuyUAfCtH_rk8YNGGxpq4YCRfWlB9xxgyFqRgL-pfPJ_SPXZVmgH5ewWGP27Z_fqp5Iv0tkz5_z3K2tD908qjNC0f27GFFBc2yVnbCD_ZnBESJ269B_desv4JDJpttLkzbdas7_G2SmPBuO_RhYdXWO48ZPE2FWoSn_--v-2UWggkSaCHK8n3i02R5KEkUB-HtIzM2yLXX6nXGBMv1RUy1a9QrHKwtldXHR1QbxN08C34hRoiQFM7tBWJonXbZtaalqffqmjMTDIVNc5XKi0m9wblX_XMAh4J-U3eipqd1_o0L1ltdVj59uKmxACpYFeCxdplzcVzw-nHkkPBJZR1dnwJ1ckzdAGaKjeBCJt2FKxIYzf05edWwnFSEtdK_OwWsFvKUbV3WSG2qpncP05AwMBE0MEH4UYcrdDO9x1bblHpj2bHvOKh1sK7a3C8rXGU6x_dzXK5n6LV2_WnlXk_YCupuLhMGXki0gLiXopfv_hTqH1I-fGvuwjcSdzrJdGcb5z41OJtuzT2bc3JVDwsTyTm-WByERSEt-DPMs-kqSDz9U24EYGw7n3CW2AY60V8Ctfe1esi2L8vO4RIp1Kd6_oCiTGb0d5FtbyyU8W4iaqIice8Y9oqX98HCE-fxA2I2AQ_eDXeen1TQSLRXc9YSgmglWxg34qgJWXvhOCz1XX-UYfMk-QYjv3ibKfz9OTVC-dXUgM5muCLPzgThQRb5jKqbujSxodPzePhbIPmdfuGyarxwpAfXraNt5nOhNO5euOMPL3G_vzIJCVfNnG_kWjd1b5Kiamz6ARLcC-dYIjDqSobL1aJNKi_RQ2IujHYKfZUsH02G1P6sI8j_cjY2GH1mLiMMHrU8JqhO-LnmAzbmuRxUuRTvfSc1pYx2LJJtDXZDJy3PRiFCEMgSFPwHs31qibPiTaB7konxA3MOMkr2bs7RgLol_oYwbksjIPTwZxF_FVYyFsxkzaGpJaibcKu1TjqtV8NOyAo1gDH639BQE175UHaf4seom3gHUm3GFtxed-fQ9Q0Defgzi_Jbki-dVucJcHgl_mwQyv3I-2COdSNyqKXVPsdK4pRBynKhBgnwy3_C50QFFJE6JAMfWaffGH49af8dZSj01R1LueLw6nKC0sVWuSEKaJxDAVZuLhmlFjFro270eLjI3jjTNTziVhDonndd1qegElznRoIJfx5szaImmOYpUCVVmsPLFh1ul4GUH805osuarYE-IXrCmrlQPqUmwowpNUNFvtA6iChZvlc2vJ3Bd0L0o7YWFNR-_upriFnC6FBY_np_GxN0c7Q7Ql9gRIa3FJoisEdnYrqQZ5SyF5YOlY_EAt7zVeHQuzzvi9_NqjAtKEYPMUSiiM0w0jZ_vNkBrOd1r8pJ8cCp_MCn9hdHeP3wGMLL6rPYV-6NssaC2rQpEJCzCKFNN-E-wWNl1XkTdZnOpl69VqIytEoUDO5kblzWuk5JaE2xQrugsdj96YW96uxLoGNJcryAMqg7KpigoPROB_RwccZbkmM2OKozuG5x5W4M9aZCzm-21r_xC1qaaRJppc6oMnGQUAkIRILeksRwfuCk0JScKnlYZtKfbs3vuHekCNFopAIoZy2nIfywOTt_y3Dw9pN0S0L_1GvKb9lbkipd6ATIgDh0LhnJWJxxe1LB5Ed5AWu9KeMAP-62LKSkbAVo-ReNpJu2QcJx54htTzp8tuZiQn9B_9mXerpoNfjQP84FWtoDL5s3XerJ1GWaZdiqP2wBNJPnGGNUUEGxqv7s4L7FWW-8qvQyV5cnu2wjmzN_FsxvZJnsP9Z6lbdA3WvxN9h7gvel5A3RldN9R8zBaVHjfIWobp_lMReiHGTna7K-DQxfBqa9PpFIxecZCOnUSX_SazoBtPwnzXW0USGCDl3AYShyA8AjfmH9GGjbOjdcjNLeT-1iJZu2UcnfyuNz3OEAsjq2qLihf0Eu931BxDjxNK9Irqxgfn4ePJwXFmwI0fCrTm2uA9IG4vCwPjjfq7V-gEEOto8WCviCYbTwBLQAT5pQS9Hgm6qKUgZCZ5xQdSjNRFk5S8vEQlrwKgaNmDPBhwattdB7YkM7fUwII9yzTxtesUYtO-eih10EV67_CmwXQyLFUg9q4NsN5LeztCpDptLx6MqCdx2RrTq0DgtJYTfT9QivlsdZuf3mI-LSFmt3GXwEL_AdSBib_XzjLmqohTU3CfpGFLyVI7dA7Qg3ZJMlsgG-6eNf_aSiOAqMvwUKt11vFScfVutqSb5Sv7OEA8YEg9UDnLYybnHC_YIC40ETY7djrXFCiVpyveHVfFTRRVTYpT0eIzsqUyfjDo8OPWiBhQ4epBDfdwBp7Ws5pIBgpDioeG7sNll_fy4420xowPyIAKKY2lRYfhuEDheYdbGD78k8wIEuAnh6HdI2f16MtNYn_yJz4ZkJ730GT8yVVl-YtzywKKcIQenMsCm0WKSaMii9Lvo8ffEnJsxzIZe2JEy3VGOnBBlBQ0heyiwDfOyRoAcu90K_70lCXFHkGTffyx2GIZgDHehLKS-GRRTYaZgxx6hGHK85UmrHYlB5G3XI2E504HfAthoBY6M1wWpSb5gDiklndm1hm36kzuOGiVRX4hpjVff4bMsrDXnKOIQCuhRoiFKXo-I1Y5VaRhvBlEx9yKZmZ_KFW435aRj9vNuommJI1VXdkutj6QlQVo0uiuTpq6w0px9coyelqk_vRseIUX6ypmTzfjghxL0AHaWOsYF6-ldlgSw3uSBHSTTr7CqTPOjLT0GAGMGSiXwcDaOzfOcUBzxw0ElhzISGMJTSrpEjgFVZmO3f0USwqgXUwSBoAAia8LQyavxU2VALnXMhhRqACcHOjLcyes0B3qmBbFVR34m6zVOeLoM6avm1uZMIT_g_5RxgA6eAm4-l_lu2tnhZIRX32Th9CpHDG_ZT35yBzkkOtT79HorBkHLLeeqCTIrcMgdB-01VGQPUmboUI9J_3vDhiTQb4kqPhg9Vy1wXGMFwxj_uzohErrpXKzZ2xdgT7Ocvy1BzVXHID-8e839CZAN-DuNbk739ISnsMaqGVBO_0nveNOwVc5cEE62jKDpwzU5u00ydZZH8ljdQJ-p7q66E43teZkASmxV6KopyQYGjKLiYRS629Grc-QmhDyYkJPGcyI-giHzI9vTC430yXgYQv8f9hsAo3c1Kyv1i_2YBiVuoETEw&cid=CAQSPAAvHhf_VquEJ6aHznMmNyaSzfbZGy4bnpVjI_4rYT-07g9kP4efMI-0lpzFdoInu6TI20lXs8kMKW-XzBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=2200309961829521700&adk=1761367584&idt=117&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:12:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
46658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4383
x-xss-protection
0
server
cafe
etag
1583492410672046836
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 02:12:28 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/ Frame 08B7 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPMIptiFFtsftUJs2oCZ2mFfJufbgzKZ8aSByGhzPghgbbIG-u3RzOiwknLkO-TJpY0A7lFhNgDMHHJRI1101zOANkAtHFyWizO-P9IjVVs92r-4bgyVL3vtm09UBjvQQEtQA7HZKkxfmae_31ZCy7YQTU8BRqNqYIf7BGBR4AjFx_Gz6lI9kb275HDlkjc_Tgeg7j&dbm_d=AKAmf-C32D5Wrg75xQMgPnsR-mAVABLOPssFyOUlOxKhzd4N8fwmo5UXASfA8pq5n5K__Yw5gvUJKsk5wvguos4IArZaYPKg0j7aFORTYfskL0m-0LhUPy3_jOw-U0f_tc_g05S9waC0PgslaXy6TIwNI9gc0L_mZYa0lIhK5C79WSN0_RTZXuHMGr9dx631nGEtP57VRQlXkLimhfFg98nELAy9HyQaliunuEBYYF3nZw5xlj4N9-83dxZBXYSOO_rpYsUQjrGfnguD3YbuEx3AAxYXYkhMvKeqt0f_B7P-CmCigNJOWCR8tNm0hYCpCsZgOHhJ7DP-vcC4rYbQKIDtMJDqmkG_lBp7U7EJMfxm72Y3Z8eu9hqVlAuu9EIjJeRj7FZyLJRa-A50huWD-l6meuvK5q4I19hYeK7PV_HZbce9YHAF19CJB7xPOIQWb-BInXmh-H0wopn5s5gTDMlTJuyUAfCtH_rk8YNGGxpq4YCRfWlB9xxgyFqRgL-pfPJ_SPXZVmgH5ewWGP27Z_fqp5Iv0tkz5_z3K2tD908qjNC0f27GFFBc2yVnbCD_ZnBESJ269B_desv4JDJpttLkzbdas7_G2SmPBuO_RhYdXWO48ZPE2FWoSn_--v-2UWggkSaCHK8n3i02R5KEkUB-HtIzM2yLXX6nXGBMv1RUy1a9QrHKwtldXHR1QbxN08C34hRoiQFM7tBWJonXbZtaalqffqmjMTDIVNc5XKi0m9wblX_XMAh4J-U3eipqd1_o0L1ltdVj59uKmxACpYFeCxdplzcVzw-nHkkPBJZR1dnwJ1ckzdAGaKjeBCJt2FKxIYzf05edWwnFSEtdK_OwWsFvKUbV3WSG2qpncP05AwMBE0MEH4UYcrdDO9x1bblHpj2bHvOKh1sK7a3C8rXGU6x_dzXK5n6LV2_WnlXk_YCupuLhMGXki0gLiXopfv_hTqH1I-fGvuwjcSdzrJdGcb5z41OJtuzT2bc3JVDwsTyTm-WByERSEt-DPMs-kqSDz9U24EYGw7n3CW2AY60V8Ctfe1esi2L8vO4RIp1Kd6_oCiTGb0d5FtbyyU8W4iaqIice8Y9oqX98HCE-fxA2I2AQ_eDXeen1TQSLRXc9YSgmglWxg34qgJWXvhOCz1XX-UYfMk-QYjv3ibKfz9OTVC-dXUgM5muCLPzgThQRb5jKqbujSxodPzePhbIPmdfuGyarxwpAfXraNt5nOhNO5euOMPL3G_vzIJCVfNnG_kWjd1b5Kiamz6ARLcC-dYIjDqSobL1aJNKi_RQ2IujHYKfZUsH02G1P6sI8j_cjY2GH1mLiMMHrU8JqhO-LnmAzbmuRxUuRTvfSc1pYx2LJJtDXZDJy3PRiFCEMgSFPwHs31qibPiTaB7konxA3MOMkr2bs7RgLol_oYwbksjIPTwZxF_FVYyFsxkzaGpJaibcKu1TjqtV8NOyAo1gDH639BQE175UHaf4seom3gHUm3GFtxed-fQ9Q0Defgzi_Jbki-dVucJcHgl_mwQyv3I-2COdSNyqKXVPsdK4pRBynKhBgnwy3_C50QFFJE6JAMfWaffGH49af8dZSj01R1LueLw6nKC0sVWuSEKaJxDAVZuLhmlFjFro270eLjI3jjTNTziVhDonndd1qegElznRoIJfx5szaImmOYpUCVVmsPLFh1ul4GUH805osuarYE-IXrCmrlQPqUmwowpNUNFvtA6iChZvlc2vJ3Bd0L0o7YWFNR-_upriFnC6FBY_np_GxN0c7Q7Ql9gRIa3FJoisEdnYrqQZ5SyF5YOlY_EAt7zVeHQuzzvi9_NqjAtKEYPMUSiiM0w0jZ_vNkBrOd1r8pJ8cCp_MCn9hdHeP3wGMLL6rPYV-6NssaC2rQpEJCzCKFNN-E-wWNl1XkTdZnOpl69VqIytEoUDO5kblzWuk5JaE2xQrugsdj96YW96uxLoGNJcryAMqg7KpigoPROB_RwccZbkmM2OKozuG5x5W4M9aZCzm-21r_xC1qaaRJppc6oMnGQUAkIRILeksRwfuCk0JScKnlYZtKfbs3vuHekCNFopAIoZy2nIfywOTt_y3Dw9pN0S0L_1GvKb9lbkipd6ATIgDh0LhnJWJxxe1LB5Ed5AWu9KeMAP-62LKSkbAVo-ReNpJu2QcJx54htTzp8tuZiQn9B_9mXerpoNfjQP84FWtoDL5s3XerJ1GWaZdiqP2wBNJPnGGNUUEGxqv7s4L7FWW-8qvQyV5cnu2wjmzN_FsxvZJnsP9Z6lbdA3WvxN9h7gvel5A3RldN9R8zBaVHjfIWobp_lMReiHGTna7K-DQxfBqa9PpFIxecZCOnUSX_SazoBtPwnzXW0USGCDl3AYShyA8AjfmH9GGjbOjdcjNLeT-1iJZu2UcnfyuNz3OEAsjq2qLihf0Eu931BxDjxNK9Irqxgfn4ePJwXFmwI0fCrTm2uA9IG4vCwPjjfq7V-gEEOto8WCviCYbTwBLQAT5pQS9Hgm6qKUgZCZ5xQdSjNRFk5S8vEQlrwKgaNmDPBhwattdB7YkM7fUwII9yzTxtesUYtO-eih10EV67_CmwXQyLFUg9q4NsN5LeztCpDptLx6MqCdx2RrTq0DgtJYTfT9QivlsdZuf3mI-LSFmt3GXwEL_AdSBib_XzjLmqohTU3CfpGFLyVI7dA7Qg3ZJMlsgG-6eNf_aSiOAqMvwUKt11vFScfVutqSb5Sv7OEA8YEg9UDnLYybnHC_YIC40ETY7djrXFCiVpyveHVfFTRRVTYpT0eIzsqUyfjDo8OPWiBhQ4epBDfdwBp7Ws5pIBgpDioeG7sNll_fy4420xowPyIAKKY2lRYfhuEDheYdbGD78k8wIEuAnh6HdI2f16MtNYn_yJz4ZkJ730GT8yVVl-YtzywKKcIQenMsCm0WKSaMii9Lvo8ffEnJsxzIZe2JEy3VGOnBBlBQ0heyiwDfOyRoAcu90K_70lCXFHkGTffyx2GIZgDHehLKS-GRRTYaZgxx6hGHK85UmrHYlB5G3XI2E504HfAthoBY6M1wWpSb5gDiklndm1hm36kzuOGiVRX4hpjVff4bMsrDXnKOIQCuhRoiFKXo-I1Y5VaRhvBlEx9yKZmZ_KFW435aRj9vNuommJI1VXdkutj6QlQVo0uiuTpq6w0px9coyelqk_vRseIUX6ypmTzfjghxL0AHaWOsYF6-ldlgSw3uSBHSTTr7CqTPOjLT0GAGMGSiXwcDaOzfOcUBzxw0ElhzISGMJTSrpEjgFVZmO3f0USwqgXUwSBoAAia8LQyavxU2VALnXMhhRqACcHOjLcyes0B3qmBbFVR34m6zVOeLoM6avm1uZMIT_g_5RxgA6eAm4-l_lu2tnhZIRX32Th9CpHDG_ZT35yBzkkOtT79HorBkHLLeeqCTIrcMgdB-01VGQPUmboUI9J_3vDhiTQb4kqPhg9Vy1wXGMFwxj_uzohErrpXKzZ2xdgT7Ocvy1BzVXHID-8e839CZAN-DuNbk739ISnsMaqGVBO_0nveNOwVc5cEE62jKDpwzU5u00ydZZH8ljdQJ-p7q66E43teZkASmxV6KopyQYGjKLiYRS629Grc-QmhDyYkJPGcyI-giHzI9vTC430yXgYQv8f9hsAo3c1Kyv1i_2YBiVuoETEw&cid=CAQSPAAvHhf_VquEJ6aHznMmNyaSzfbZGy4bnpVjI_4rYT-07g9kP4efMI-0lpzFdoInu6TI20lXs8kMKW-XzBgB&dv3_ver=m202309260101&rfl=https%3A%2F%2F3seclab.com%2F&ds=l&xdt=1&iif=1&cor=2200309961829521700&adk=1761367584&idt=117&cac=0&dtd=7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:08:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11885
x-xss-protection
0
server
cafe
etag
16863283086342074828
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:08:01 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 08B7 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:28:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
45713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:28:13 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C74F 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71395
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Wed, 17 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 08B7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0be287ca7f0489e9605b3ea6690cb4c0f124e0068209f5d6ed575e70dd1efee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8524 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2429
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:29:37 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F5C6 		1 KB
648 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
71395
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 19:20:11 GMT
etag
48472445140208031
expires
Wed, 17 Jan 2024 19:20:11 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 561F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cab592df2cdafc6691a72631ba50837628b535989afb2ef1d98d3819838d60ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 77B6 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Jan 2024 20:54:08 GMT
expires
Wed, 15 Jan 2025 20:54:08 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame C74F 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMhE-DhnIw7PYkMguOhbOFA&google_cver=1&google_push=AXcoOmQz52OxV0et1CWDeCyxuBd-HlxqnD9d4u3WUdtQAPdvd0PLgRmmHzHHbYNiiPel2R2BEwD6fGxrPUGt2lK61ENJfdcrVryps7EmhSbA5opgdkvIWRQkJFzPmfE0N8DRHpUdnoOV39t8WnPlFdWyQxCxkSE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame C74F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVJiNUFZT3MxUnE3eW01&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&google_cver=1&google_push=AXcoOmSsGuDjYHHGLk9kHUa0m_pjp-jlFTaRrWwKmCeNXFB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVJiNUFZT3MxUnE3eW01&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&google_cver=1&google_push=AXcoOmSsGuDjYHHGLk9kHUa0m_pjp-jlFTaRrWwKmCeNXFBRtPk_yeTA20YW9bF-vh2Jhdgg80G22kIDMZFoZ-5fvseFgBR2YsLaIiByay2AO7HEM-I8sPxTnR_ywzKiixc06MZ-p4gRb6EU3jBc3sdJbVS0Uzw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 15:10:05 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=TVJiNUFZT3MxUnE3eW01&google_gid=CAESELv3UIUs6RM8RbxcATef6K0&google_cver=1&google_push=AXcoOmSsGuDjYHHGLk9kHUa0m_pjp-jlFTaRrWwKmCeNXFBRtPk_yeTA20YW9bF-vh2Jhdgg80G22kIDMZFoZ-5fvseFgBR2YsLaIiByay2AO7HEM-I8sPxTnR_ywzKiixc06MZ-p4gRb6EU3jBc3sdJbVS0Uzw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C74F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQlNeu-g22OWr6HS93hhAI&google_push=AXcoOmTe5kiuJl-hUp9oCJLQjhZUnd2Q05yrdpX7jjRLbjpwcXDyUWluXB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQlNeu-g22OWr6HS93hhAI&google_push=AXcoOmTe5kiuJl-hUp9oCJLQjhZUnd2Q05yrdpX7jjRLbjpwcXDyUWluXBqgsntZ2J6oSOCpNV9L4bpOxyjGBnPFSMwqj4jdMnkE7V_Nx6RAym8YUNhiBW56knkUrxa4EtC9Et4EPnZF3qiaZB5VkJsVbaxh4cA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220024-FRA
pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705504206.494781,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEFQlNeu-g22OWr6HS93hhAI&google_push=AXcoOmTe5kiuJl-hUp9oCJLQjhZUnd2Q05yrdpX7jjRLbjpwcXDyUWluXBqgsntZ2J6oSOCpNV9L4bpOxyjGBnPFSMwqj4jdMnkE7V_Nx6RAym8YUNhiBW56knkUrxa4EtC9Et4EPnZF3qiaZB5VkJsVbaxh4cA
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame C74F
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESED2S9quWEFbEgOwBZMJWZog&google_cver=1&google_push=AXcoOmTdGNfFkJi2yJBOwSnF-8NqqAr5f0vthW0CBWyWNtO-2aQNwCmbiWI67lwmkOv0tqSR9wPYcLeRxJcbWs5bIpUKhiueYDVyh...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTdGNfFkJi2yJBOwSnF-8NqqAr5f0vthW0CBWyWNtO-2aQNwCmbiWI67lwmkOv0tqSR9wPYcLeRxJcbWs5bIpUKhiueYDVyhbywV7k5ey3LRAFqEaHZX33nl_Bv4T-J...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTdGNfFkJi2yJBOwSnF-8NqqAr5f0vthW0CBWyWNtO-2aQNwCmbiWI67lwmkOv0tqSR9wPYcLeRxJcbWs5bIpUKhiueYDVyhbywV7k5ey3LRAFqEaHZX33nl_Bv4T-JWjtiPQWWN9ojBOZXKMG4-d2fQQ&google_hm=Q0FFU0VEMlM5cXVXRUZiRWdPd0JaTUpXWm9n
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 15:10:05 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmTdGNfFkJi2yJBOwSnF-8NqqAr5f0vthW0CBWyWNtO-2aQNwCmbiWI67lwmkOv0tqSR9wPYcLeRxJcbWs5bIpUKhiueYDVyhbywV7k5ey3LRAFqEaHZX33nl_Bv4T-JWjtiPQWWN9ojBOZXKMG4-d2fQQ&google_hm=Q0FFU0VEMlM5cXVXRUZiRWdPd0JaTUpXWm9n
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C74F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAee0AGkfAPk5Uj8bmkQdOw&google_cver=1&google_push=AXcoOmRKStOisA2UU7hdF8kbeZZT_nqbzEAtchmda5UxvrhByOYWaco27FUYjHZSl6kCjhpzz5E5j4I702Xiw3Hg1Kv83gN...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKStOisA2UU7hdF8kbeZZT_nqbzEAtchmda5UxvrhByOYWaco27FUYjHZSl6kCjhpzz5E5j4I702Xiw3Hg1Kv83gNrFQQbPUPvVqmySSQIRjAv-1nnwL6ww0SqZVISB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKStOisA2UU7hdF8kbeZZT_nqbzEAtchmda5UxvrhByOYWaco27FUYjHZSl6kCjhpzz5E5j4I702Xiw3Hg1Kv83gNrFQQbPUPvVqmySSQIRjAv-1nnwL6ww0SqZVISBwLFi4YzDaRwpg1uGOIp5CIetfg&google_hm=eS01OXk3ekdCRTJwRkxmOFdTcHFtMWZKZEJORUpDS0JmTn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 Jan 2024 15:10:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRKStOisA2UU7hdF8kbeZZT_nqbzEAtchmda5UxvrhByOYWaco27FUYjHZSl6kCjhpzz5E5j4I702Xiw3Hg1Kv83gNrFQQbPUPvVqmySSQIRjAv-1nnwL6ww0SqZVISBwLFi4YzDaRwpg1uGOIp5CIetfg&google_hm=eS01OXk3ekdCRTJwRkxmOFdTcHFtMWZKZEJORUpDS0JmTn5B
content-length
0
sync
odr.mookie1.com/t/v2/ Frame C74F 		42 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHLQipn6xkAGXkIZl6kNO64&google_push=AXcoOmRIZ-XIsuVVm0ZeJbxpYdt-p1G6SpdsBd1R-fEJjQNYHXIX2EhubupvK6H2u26g3PlsUXeGJwznTIGQUTHI0YTF1zXuG3cxip82uuH-7npkKLe96HIcdToomQ-r2YDhZx8tqKYPWSHmPLSWCNkuOvYxzuw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
googleredir
googlecm.hit.gemius.pl/ Frame C74F 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame C74F 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KL0ylJpjHQzpdJ6SDrcmlHL9zK-ptHcCLaXQzM9-VaRyVspysSIlj8ilTgzp9_yPJWKt2hcA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/2697211176333753978/ Frame E229 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
118c896ee0da998013a6507f7510f9e430736412ef38571c24af9f0545510c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
46220
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2948
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 02:19:46 GMT
expires
Thu, 16 Jan 2025 02:19:46 GMT
last-modified
Fri, 15 Dec 2023 05:04:16 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 08B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2EV2aSWc9MkAu7_rAowJSBg8JaT8U-9v4KN4Yw-weFpFIR9Pbhf_L5RFLWpulmf_YHFmgTdHcQqmAdWkuJhNXBcLtlXGL7aNXFYxrBmeyPfycYtpnVO3Hjk_CTuXgr0Jr5bfqaTha4BJyjrQyExVTJIbxeaHIBYTjY_oGLq_qzif6d6Tzpn3f_anB4yOPVfMXQtC3FaLvrUQIErWrYJsGwYKO9IesSxwMoP-82w734zVnSLwoRiaJcUB6RSeQ8x0DQPLWyqvTGY2SyFNgccouRI9APdGzd3K7k70g09sPYxpy7_o08G9WCRocLaSVqioDsXdCUtSM0HHQ3pZh6ZCRCoSsAkpPZRF89sgdQla9ZgLEh1HWZ07Dq0d6HAgpCzyWvZjwfAOPByx0MzQqS5X180IEhAmSmE451X5DKGtFM_EsJjdNIy0GsqwutXruGEoGuqsanv7goWh5_QT4oX1VeiMs5Cx9yip8LwazOBBkNu-E4rQ_CfFA4QEuKT21p2p8N6zvHEn0_kkN5akaD94NeJ9ROg2ca_od0XwiRSgLlqaSTVYTYh5CJDTfHKYNaD62-0uR3ATMYaf9ZwDdwO7McMMLxdvr4UlAH0w-PUAh_jsSW7USoOOeHGP4iylA7EbeIolRWVn7sCdSPS1xMD4Sgv0TYxKDRW9gz4QhpXGHd5wfACXJCRBWLUALrNHzuNoeUS2QohelLAhePZix6yn5PUyQCdUzh4MzPqBin5-IXmETloH5GrSlcHWxn0G3XaBPxj5HpaDZWFdfyzZ7purT_sQEOj7UFT08YK9cJE0uY7-k43J-QPGqK29EWHumQu3YsUyO_FcmbnSA8AveQenMFAwRLh-CHjaxa2rPV5x83_LVDYuCOlQ0XsYOCgyDkLg1UMMBdDTS1VDoJXf2O-A-jMTmJvE_j6zT_ZnajiYByh8qrt32frtPuhD7GfZZRiERUTfg05AOF9OHDNyza1r2OoQG-DvIeDTUDilTXMbHWf2LAZFQhHgRPiFo-kUzN_2Ps_OTq2Lvpc_iDTiHIdw2r1CzeyBXEMW3DuGQpXWodOjK-g26gO3O0rxGHgizYvWIe1XkogbxfIZGrzVPAQTaW7ajpVI2zSOxFzs-HLOnD2qvIwCZzwGa3s9I7L5Q2Lt9j8qwQYsZrvrr-SsArqM9Jd_G-1mu-ZKNPbacoWBmYArE1JCSu3fIOn8KNsc_fRAIeJR4dBbB5lO8HBH2OT0EWfQYHewolDRNXF3L4oL-AVATYfYpTZtkHbLmvZI1-_ZB6UmyKEFYavI7mfJdNCUd1m_5FHaMfswyzjkrDpoykVA4TbIcJmUxq09-J6pQEuTDeoUc1XJtiOk1ZPRAV56QKJml1S710jHh12HmfECh6g&sai=AMfl-YTsA6uGDE02gau8VG9YmeMaYO2GYaHb4jnvMTeWaiYciDNmDiaJV6Jfjt6PwyHXzBgf_RgKAWIAKO2nBQBH9ZqiMd9p9Yqvx8ryirMDO5DOg7XcOhgm_1d_60lAj4BtsaHIQRGeq-I_whUtfzooYQSGqa8ngzyjWeAXjhUP5U8kBNtF1fISIsvHINXaVsXflicONAKpKqcsmC_mlG28yStK7gD4NL575nc7StRXLcCUsnMlmrWjKqDQ5TA2KvoERr2jRhjGXJPHY9MS3hJu-eDUjM2PFqQkGQ&sig=Cg0ArKJSzOZB6gEm9qBrEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=88&cbvp=1&cstd=86&cisv=r20240116.84671&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gsap_3.11.5_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E229 		70 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27946
x-xss-protection
0
last-modified
Fri, 12 May 2023 16:06:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:10:06 GMT
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame E229 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:10:06 GMT
index.js
s0.2mdn.net/sadbundle/2697211176333753978/ Frame E229 		59 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2697211176333753978/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2f739ccd0f4015ddd8911da46f0e54d9e5873313e11382fef9d16d6e4fb1cdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 15 Jan 2025 19:21:36 GMT
date
Tue, 16 Jan 2024 19:21:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71310
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13427
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 05:04:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame C551 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvYPI0UDlDQ1jr99ScyZa44uWXrWaprpK65bXyQkbii_xcKAobTm_R0fIk9g4yk-agBLZRIu8nidQtxVNfwyLD1ZswWMlcq4HRIe9jO5lUtW1X4bp9BlIYCEhU4ky0o--9vu1WA1V2maYYShYpGFmlECMmI7IVb4IIX6I4nTRIavEt5O1Z9dR8UBbY-AJz0VPzgZohFePn3hpwrjOqRFBPSDIjx5z2L-JP39kzAA114ktsnafHhABEcF5n47SZQobvy08pImciEJFaduWFLrmHfluLHd90bD4y8JaWorO5rp_rryqyzmZcCVPPobjGIR6CwusJADyenoohipwpbjZO9pjjZe275UiRB1rTfy48QN2N-qtUUYavvBlrtnHUB4O7MPDOQGPeARuiQbW4YXKDb8ukmhQTMz2OLdi-JvaoLlrsOGpdgYUcNprJqHwYrrCVZu8zBmA44zT7eesaaojNBOa21bglt0-VqiY91u1Lh_B35cmaT8U32pOmj0Ns0SWvgUl0qsGW3a9RJ6pDqHFHx9YiCSFareN1s8nZV-jD_6X_JlPDsTB-IcVwklLZPjVEKexxS0d6yrKSryzB5LR4u3QnCPTUUJbFCTyVZhnvw0TLviYtnxz84QhLEQkoaFwlfpP6d3RyLyqQvKQ0JvoHXaw-tg559mpE7drL_T3LiYi4lCfxf_Zllhi02P-6QmugZR2tLRdX9SEOTAl7xTwoF0irGnBvwPVwy69y3y54Q2pCTFSLAduFmIFnB8HxuFsRekC7lykZK2t4q752VskFpFP0kN8vja2Yn5DR04jTE0RfFR7G_ZFwi8IyY-l_htoYAXDo9YSOIJEQrZ8QpsB-KqCTtL8rN93Zx8Azd_qDkbL1IVH1CQRA1l9PitjXfw6wTeToGfhfTOrnlx7-nu6JRL6uAouQ2lJnlPGzUigVARNlGnyr0J-qcHLaB5iMQxjo5a3QXkiSJkZougec4kB348tOulFM0dTsCGzzEJT3lFsKRrRBwNkQXK8Lm95swTinXCb3SXRdt2L5FnYM4Vr0QrJSIxqZUVSbfrXAEprNLMF0w7PYBB9U2dSzyiNgLDEjRO7nLHzPSNfrBULZLXXSH3Vwkm9dCvgFxORGPFJToUElh3cQ2zzGN6YROBM84P8Ct2u7VSo4O_Fhllz9LPlu-Z_XxThnhB6tDZXT-u6LlOxOFqOzNphZfI0RShgXgSQdppuzfzJGBm76jpWvS0fGYaTIKqM8ajjHgVrJZYbdFi-upJPdwcLCtOPlLTS07y-ZCsGahNLg0QXdcDmvx2bzVw7WH7C1IC0yj5mAAbt2nBQ5uoSwO_lG74ODjRskF9Zpof6T69gc&sai=AMfl-YSobcftFoVH39cg_R_mSlasSEyg3q89Nv-CmV1wMR1ebCEgVh_z2phMYdpqeZ-XbB6wVfVUldV93nNAkb9Tk6aODZZ-BfGIPxOLsoG6E_wPMy2bxbyu1ssXA0-CiCe7USNIdlIQgA9iQ_cRjbZjPBHTmLEjzKELauu4E_tjUhyQLRmexxy9JPymI8ruDRObKeliZTEme7_eSaSPaAHVw4-i9u-s5SShxxQDo1SixRqCLRLdwI5VSJHo1OA1znRY77MlfOxZonRoD6sTT0qsB6mEQj9fYvDrZyNLwQ43iw&sig=Cg0ArKJSzAGxBittWj55EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=606&vt=11&dtpt=339&dett=3&cstd=263&cisv=r20240116.67952&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame F5C6 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDiV1G2cDQcQRkf5HsHtcis&google_cver=1&google_push=AXcoOmT1JSLZTM2IeXZ87w43ycnvtrzCK0ydQ-bn4R0Uga305DWbYOAhrIsO1Hfv1iiOMAPAzZKELLT2S66ddHxBnI9dXtOOpwMzI4ov9Hq4IcejLilSXtUmbgjjyIZL7LPLkPUReJq5nAlGMRUn-mt3t5a1heo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5C6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUhOSmZtdFMxUnE3eW01&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&google_cver=1&google_push=AXcoOmSo9neS5kVf1FZgOcHKRffVxGWB1SpndhIGlU3J2K_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUhOSmZtdFMxUnE3eW01&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&google_cver=1&google_push=AXcoOmSo9neS5kVf1FZgOcHKRffVxGWB1SpndhIGlU3J2K_zqQpRW5B_cdnkPr16J1GEEDvSCNFlCB848FSj8rq8G1__7-YTQbvMmeDWHKMSa6JFW9iJYRekgU3-SO8itgmNoTzrqLokXyglQEn3nhuasdsmWg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Jan 2024 15:10:05 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0f7f5cc7c951f6e61@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bUhOSmZtdFMxUnE3eW01&google_gid=CAESEG-6gj7fqTi59cBRQFZBU-g&google_cver=1&google_push=AXcoOmSo9neS5kVf1FZgOcHKRffVxGWB1SpndhIGlU3J2K_zqQpRW5B_cdnkPr16J1GEEDvSCNFlCB848FSj8rq8G1__7-YTQbvMmeDWHKMSa6JFW9iJYRekgU3-SO8itgmNoTzrqLokXyglQEn3nhuasdsmWg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame F5C6
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL3qpKQlhd0IqFl13QmKyFw&google_cver=1&google_push=AXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL3qpKQlhd0IqFl13QmKyFw&google_cver=1&google_push=AXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_F...
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL3qpKQlhd0IqFl13QmKyFw&google_cver=1&google_push=AXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
846f85eccbc7bb43-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
107
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL3qpKQlhd0IqFl13QmKyFw&google_cver=1&google_push=AXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRHn10d54y2woZJcxeVH80kG2_3rtKwLE2rf-kuGi5ip3rJQeTuT3O1R67m8JvcNLdDHzaYpoaUhlegAByGFSuzah05r_FnE17ROfUCqNtqazsUxPLqpveJ3zlYRhvPHexINe9l1jxhZNSReuFGb20Xuw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
846f85eb09c0bb43-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F5C6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMCWMqke2zEB9O38YerNb5A&google_push=AXcoOmQEtELnVZHKykuaWO1vGTK3Mhx3slIp_4NX1Vo7U1OCXHKT6DS2bl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMCWMqke2zEB9O38YerNb5A&google_push=AXcoOmQEtELnVZHKykuaWO1vGTK3Mhx3slIp_4NX1Vo7U1OCXHKT6DS2blIHOKnob_0xOK78J3nGxLkoeuSKs5bDk6C1mZqfzde_dl6IEK3HQIWNKCkqpSnW-FoW4tmfwQWJzpHx6kwl786dx0F0t8KUWeLt8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-fra-etou8220024-FRA
pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705504206.494334,VS0,VE98
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMCWMqke2zEB9O38YerNb5A&google_push=AXcoOmQEtELnVZHKykuaWO1vGTK3Mhx3slIp_4NX1Vo7U1OCXHKT6DS2blIHOKnob_0xOK78J3nGxLkoeuSKs5bDk6C1mZqfzde_dl6IEK3HQIWNKCkqpSnW-FoW4tmfwQWJzpHx6kwl786dx0F0t8KUWeLt8g
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame F5C6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBX07g9_Bv_dm1e6AWZZOmE&google_cver=1&google_push=AXcoOmSwUBqUPaJa6uMxHxX8cE4CfVMBGOJWVj-Sll4uj_ifVnQqldn7_gd-U5v5ywUcKyF7XcWeOu2xdIM5m2b4ortsulfupLHDxk...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=022B358611524395B72E3CFC9921E9EF&google_push=AXcoOmSwUBqUPaJa6uMxHxX8cE4CfVMBGOJWVj-Sll4uj_ifVnQqldn7_gd-U5v5ywUcKyF7XcWeOu2xdIM5m2b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=022B358611524395B72E3CFC9921E9EF&google_push=AXcoOmSwUBqUPaJa6uMxHxX8cE4CfVMBGOJWVj-Sll4uj_ifVnQqldn7_gd-U5v5ywUcKyF7XcWeOu2xdIM5m2b4ortsulfupLHDxkSfhg4T3DEo5dsLws7DXO2nw491Qqh3M4xv1PiDXrdAuoG01Az7MTf3JC0
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 Jan 2024 15:10:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=022B358611524395B72E3CFC9921E9EF&google_push=AXcoOmSwUBqUPaJa6uMxHxX8cE4CfVMBGOJWVj-Sll4uj_ifVnQqldn7_gd-U5v5ywUcKyF7XcWeOu2xdIM5m2b4ortsulfupLHDxkSfhg4T3DEo5dsLws7DXO2nw491Qqh3M4xv1PiDXrdAuoG01Az7MTf3JC0
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 16 Jan 2024 15:10:06 GMT
sync
x.bidswitch.net/ Frame F5C6 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKAt3MAQ2NI9bey74p0edCM&google_cver=1&google_push=AXcoOmSpWbXvodRZMpGmAEq4-UYfx2RWvOtFM1yd81YgSx8Bp1-viXHza_RlsECbboA4IIBIKBtga5ca_VjicUb0726ee8PJ9XJ1F6nvv1Jc4LhjiG1Pl_-JC-dkxNIZMTMhY4v524OHP9XrCubRkx4L5LfC2g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.244.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-244-187.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame F5C6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEM9WoWaN4sjT92AjYyMlWeo&google_cver=1&google_push=AXcoOmQ6EoqQ95wl_JQjabonGjHLDj-CUUPmQzd6iBc0bBx3u58SZIBbF4EJkxapYR_AvbTxJFVHm0wyyEpgyc8ZataQKej...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6EoqQ95wl_JQjabonGjHLDj-CUUPmQzd6iBc0bBx3u58SZIBbF4EJkxapYR_AvbTxJFVHm0wyyEpgyc8ZataQKejFbjFahH-9-BaAKtIQgT6oA8uyMtnav8vvObvWG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6EoqQ95wl_JQjabonGjHLDj-CUUPmQzd6iBc0bBx3u58SZIBbF4EJkxapYR_AvbTxJFVHm0wyyEpgyc8ZataQKejFbjFahH-9-BaAKtIQgT6oA8uyMtnav8vvObvWGCAFONt3AhiuT7RoHOUVP3XQ2RI&google_hm=eS1rem5mNmd0RTJwRlNPVllvU2p6aVNXNHBzRERkNlcuZH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 17 Jan 2024 15:10:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ6EoqQ95wl_JQjabonGjHLDj-CUUPmQzd6iBc0bBx3u58SZIBbF4EJkxapYR_AvbTxJFVHm0wyyEpgyc8ZataQKejFbjFahH-9-BaAKtIQgT6oA8uyMtnav8vvObvWGCAFONt3AhiuT7RoHOUVP3XQ2RI&google_hm=eS1rem5mNmd0RTJwRlNPVllvU2p6aVNXNHBzRERkNlcuZH5B
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame F5C6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LfwdnE9C0O4LGSGhnAGUwspFru3f3Xh0bfrtERPKNetq7FFxik2xiLgR8P0XVGQwaCcpVv
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 561F 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 12:25:43 GMT
x-content-type-options
nosniff
age
9863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21360
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 12:25:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F18A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKpabPM_TS526cY2Ax0H3Ow6xMg6jLXe3Gq8JIuj_HkpE2n9-2MVJHp8slQjj2DZrEWBsx3p9PywEMEvMPBO8Cbr8KhkDum8pusld8ZnFFb1agZ7GXyxV_QVz3C0SGpf9Bm-pVZYWS7qlibE3vvX_-thJA1oUJzkbbvQA_6sTfQkbGFgcqdkPcvnNl18reARWQFImVpA4rwwGbFlaZ8KEDuI6GfL0paomChhEaLnbUYy3VBqnJ-AcsQeIu5o_6brsrOfmdX8d6-scZWhSSRY0tePGKWdJfdS2Phn7L1PapK8eZ2R84PV_4g2OExHI2-9Kzo98z1JBD6N3KKa-SPlrBESzijMl09TwYSiS25v_T50zDEr3W9c5NWffp80DMcyiYbheuIgsnKDBnVB4AFaGEI1qArlFqMTV-dF6Sov3pKYPV-xDLkaCdqqNDekArpkhTlgTbICeZB7DvvHTYh53jkTYyjKz6qEiO-HdsRvK8Vcs5BDOT-tPGUUzyq_czpnIXbCLnhhYIbKkx8NcyhR-FZ3UNQvCofVX9XaV7trVzapYpK-hJUlnxpgzLEWZDjQFaE3mBojihwcMDSzBv5Zadbzw5Zl3GKu8S0aqQPN7GN7icWB2elaetYMVV6o8amkJL11qwMqlVdciqPJrBe48e5WznlRuSkZLMBl4hE8O2u6B4CL-_upssPN4Qnxxgep-iQrPv5cbP6XSeqOpRr-0LSagln4pJqJyFZWZ8aAbtiy8fgpQZQgBxaQ8Ovu4aVq9f_56nnzqGOJMwuNI1MatrFERd_l57qO68cmJqPm_RIO3IA1ZozB6O1voTy_hR0Kioi8ZxIDH4ZyQD0wAyoReaU6cT2jkUymQ5sLibzDoJMMHxMtaW9MwPoqlX5hWAd-0NEJB2WAMUgoQUAZih-uYDgZ_4DjBfsermsCInDVRWZGutkrCM7fw2u2HpS-Q3mIMvqXyHI350SPbvE5QAHy744k03VkQYIjrbDHFHJiPh0xLqBs7xV8reve72r-MuFauv3BePqLFN7qHPkhfayfcqivvD0rCj2ThlFoUwspa03vwfLtwseoSdlJeV8E260mA_8ua2oiQEZoLWcdEb6Apff-MIsYjK5x9N8YT9VXGFCpNpVyXEa9MJk1-XasnDw1v0cS5U01_OwtPRrg5uIEbvTexGocbZiuOspiuaFCgO-LvxgXhKM8_WiBzvpy8ZtcJGMeOjY0ycKO2maaVzkxZr4JjlKUkg3BkBzYjaahvL25TxnZgEGZRRL9lw7J9nixSyBM3IZRFGKntMVDQlMzvy_sTwhO0DLKC7i-LghwZPBaK3KilJ_KfZEY8XI9VAeDppOlUZ&sai=AMfl-YRudhAfa79WGPTgNKgOZsfxY3z6PNF3h4u3U1UsI4kjZpPYAHOOjUznvdH44ueVJgAjJoKHVLp5HSSj4j95vaha5w5MG-tEWQzk2IKxdYMlxZ2RCpsCP323O9IDRSpcgnJADIg7jTZmSnNCG0rdHnc94aQztEKAlMQC5wbVA8GRSCtZUy0SlvsvY04DzIL7OkGFOFSlc8d3IqR5I2MpmcWz7eKZm9fKpK7XjMgaM5mPUSJ7UU1tp0E5GR7ZWUjR5mhjx2livggvJsB4KydwL4f2NapqtGihWadLzOIaug&sig=Cg0ArKJSzN6yvbtiWa2_EAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=685&vt=11&dtpt=364&dett=3&cstd=315&cisv=r20240116.55742&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4145 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZkBeMAi66GGRT0StIbjYSBku2L6w5U5xoewgiHyi1I382txAsec2wn6QnK01bW4DZweBKis8bsYPewYWI6HSoSCs4B5hTuTbL_Qq__F00GocrDQoTWrtGeG4YVl51cVBRWGFKBt69UPkzKiHMImdw-jOV2tM7YRrWta9zcmW7PAJp34Bw7uoU3SlCnRN_IqjobWi0AtpyjdrBFacawJmDS0WB7zsy7aN1ffByBVosVZlRIbZI0Q1CgjNECIveBgMfT7BqxDGTc3E2L0uB7Wdgmz1SvIX7z66wtDJk2PzLHHAc_v7T_9retTx0EqCN6VoWN5F8GUeFRbk1vo-TfOwq6hdlCGuVNrOsuoaez_H6pn-0iKaqm1d0EmtiJbEwepQCaVntAx4ldxFd4B1wpNGtpukiCHiBuVytmj0GsZBZQKvA9uYFcv4tIhjYTOx-lE-bhF4oamWJ3mE_lw_OZ7zXbIvdEGhHMyybAA8itnuXbYKgzXwh6T4dAgqJnYwIIDiciprZiD8unTHbfahQIETBJHmDAhykZhiDHdia3KO1we7j1yOfqHNuf0BOZMrs-PkL-RGicAu66L28oGg0v4Y01PULZIbnoxSCR4HFdp1JpzZ6y3mv1DPytg2H4W7lgSC1pJilnNLKBYLfbA1acuAYfIs6ZoMvi3u9Nw6ijvQCpA0-GoLmgHQyQGF4i8KUDQgTANGN5L7zJGMpAO0qcRgfDjOorOAD0z_pIpa81MKaGKQzSf1zk89_fbZCoN8qp_d_YQPuiLd0eMBKDfQ-nXeE1wemMTDeTLMMKc3YQ8zSMyptL9q-iATKVGFu4fX68d4QcZzh62577CBoqVv0WTgrm8b4E2x-lS49JE42HU0hDEG8jvFYIcBf8oWrpzy3hNkFE5aQFNYN_wrIEioXH7al44f8YhYOBqYhFuNz79SyC0IGQAzcF09Z-yEOIW2I1DzFi_Y3Y_wguZUPDYMv-ZOpZJTUPU2Eqbi1PpOudpPiXTknwOXIY5fYwF_gR8A-BRWK8js1wC1BB7Uq-SwsJ4WOFzP9n2QrP_Qep3offEaHxe3JO-Re2nfQd30qE7O7P38wq42Gq5D0b4nL7BvZdb-cUCcodCdgwYVtr6R9pZHSqa0FYnN_UkylCqE3bifJNIrSi0g4caPyFS-cad9SEp0IPmYvTYlKxmCpDj4zJPLdbLQXcq0Xp9_NSG87aCddl-ZiieAuPnR9f5H21emj3XJUOHtegjk_kWCEJ1kFDOGEGEO8KYW1iWjADNrhTWV42kSyXO1T-qmvNhNTm6wer7Fcz23Nocu0yR8GsiJDqDCxv06Wm4seUaJrX6qy&sai=AMfl-YRQVYD8R43aBs8maT7JPd67v1RixniNra-wOV6okTfIamm349qRjYOFLlGqNJw9jFoa2-iFNZM7taQRsL48XMwTryPa2NIwDzM5vkaYEvf3oOa2Zlei6wVO-9tT665m2ZYAREm3pG8bFALn_IP7tWwkZ7ibw94EiTIzmY2_F5D0-wG6pxq_SbkCpDmzm2p0zH4JkzdyTIAIhBCyd6y-brMbEKyuz8VhMVlHKqadRRJeByeWkaxhrJq_TtXFeTaT5MxMKaWVCCC7UdI5oNCLzAlDrT42u4LhN5mi2pqNiw&sig=Cg0ArKJSzLNVHPdpCIkwEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=642&vt=11&dtpt=356&dett=3&cstd=283&cisv=r20240116.42857&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame F18A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8de4807f45fda8584ee495db10f1cd0bf31e1921d44db07219413aefac97a599

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4145 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9a94e6a13c292358a9913fc16737eaaea42b230be6ac212e6bf99b41408ef33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame C551 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8524
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:06 GMT
expires
Wed, 17 Jan 2024 15:10:06 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:06 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame F18A 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 4145 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240116/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 77B6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:31:11 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 48B1 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 48B1 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d4cf1fe6c222ce1c7d4e211a77e04119655e2b630d8fd74cd9ec88e9e205d8b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5716
x-xss-protection
0
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 48B1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 17:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 17:08:31 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame 48B1 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:11:37 GMT
x-content-type-options
nosniff
age
64709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:11:37 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 48B1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:56:16 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame 48B1 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:28:30 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/12977775661556909822/ Frame 48B1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12977775661556909822/logo-d0d80991.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:23:22 GMT
date
Wed, 17 Jan 2024 02:23:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:33:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame AFEE 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame AFEE 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:11:37 GMT
x-content-type-options
nosniff
age
64709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:11:37 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame AFEE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:56:16 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame AFEE 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:28:30 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame AFEE 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d960d962ad82e978743dd80842b508aa661a3c6a982ce9797a28904d79d2495
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5857
x-xss-protection
0
logo-v2.svg
s0.2mdn.net/4528404/1687769488937/ Frame AFEE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687769488937/logo-v2.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 08:51:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 09:56:41 GMT
logo-d0d80991.svg
s0.2mdn.net/sadbundle/16194089670991452542/ Frame AFEE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/logo-d0d80991.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:19:03 GMT
date
Wed, 17 Jan 2024 02:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame CDFE 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame CDFE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 17:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79295
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 17:08:31 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame CDFE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:56:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CDFE 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2a891dd66730225e7e9f4c9d6c4ec564a787e43d5e34c113a22566f78d0973d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5849
x-xss-protection
0
logo-d0d80991.svg
s0.2mdn.net/sadbundle/16194089670991452542/ Frame CDFE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16194089670991452542/logo-d0d80991.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:19:03 GMT
date
Wed, 17 Jan 2024 02:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Tue, 16 Jan 2024 15:24:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
kacheln.svg
s0.2mdn.net/4528404/1693566003742/ Frame CDFE 		1 KB
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1693566003742/kacheln.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
482
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 11:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 09:00:39 GMT
agata.png
s0.2mdn.net/4528404/ Frame CDFE 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/agata.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:05:54 GMT
x-content-type-options
nosniff
age
21852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2436365
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 10:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 09:05:54 GMT
stoerer-links-oben-pink.svg
s0.2mdn.net/4528404/1698156002479/ Frame CDFE 		566 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1698156002479/stoerer-links-oben-pink.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62d8e57ac9942eeefb1d01232cc721f5a059607dfb5272c0bd259397beb1550c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 08:14:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24956
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
377
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 14:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 08:14:10 GMT
congstar-Stoerer_Bestes_Netz_horizontal-01.svg
s0.2mdn.net/4528404/1693580403764/ Frame CDFE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1693580403764/congstar-Stoerer_Bestes_Netz_horizontal-01.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db2a0a3f32617aa69bf04a9c1ac37a7e2c6e9801af79bb11f25c1f4f5ec45bb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:00:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2160
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 15:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 15:00:01 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 48B1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 15:10:06 GMT
bg.jpg
s0.2mdn.net/sadbundle/2697211176333753978/ Frame E229 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2697211176333753978/bg.jpg?1701868084302
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99589eed955e57d3afcd0579de31b576b7b6aa69e9dcf68b89be8758333c73a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:17:47 GMT
date
Wed, 17 Jan 2024 02:17:47 GMT
x-content-type-options
nosniff
age
46339
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32579
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 05:04:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
view
googleads4.g.doubleclick.net/pcs/ Frame 08B7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2EV2aSWc9MkAu7_rAowJSBg8JaT8U-9v4KN4Yw-weFpFIR9Pbhf_L5RFLWpulmf_YHFmgTdHcQqmAdWkuJhNXBcLtlXGL7aNXFYxrBmeyPfycYtpnVO3Hjk_CTuXgr0Jr5bfqaTha4BJyjrQyExVTJIbxeaHIBYTjY_oGLq_qzif6d6Tzpn3f_anB4yOPVfMXQtC3FaLvrUQIErWrYJsGwYKO9IesSxwMoP-82w734zVnSLwoRiaJcUB6RSeQ8x0DQPLWyqvTGY2SyFNgccouRI9APdGzd3K7k70g09sPYxpy7_o08G9WCRocLaSVqioDsXdCUtSM0HHQ3pZh6ZCRCoSsAkpPZRF89sgdQla9ZgLEh1HWZ07Dq0d6HAgpCzyWvZjwfAOPByx0MzQqS5X180IEhAmSmE451X5DKGtFM_EsJjdNIy0GsqwutXruGEoGuqsanv7goWh5_QT4oX1VeiMs5Cx9yip8LwazOBBkNu-E4rQ_CfFA4QEuKT21p2p8N6zvHEn0_kkN5akaD94NeJ9ROg2ca_od0XwiRSgLlqaSTVYTYh5CJDTfHKYNaD62-0uR3ATMYaf9ZwDdwO7McMMLxdvr4UlAH0w-PUAh_jsSW7USoOOeHGP4iylA7EbeIolRWVn7sCdSPS1xMD4Sgv0TYxKDRW9gz4QhpXGHd5wfACXJCRBWLUALrNHzuNoeUS2QohelLAhePZix6yn5PUyQCdUzh4MzPqBin5-IXmETloH5GrSlcHWxn0G3XaBPxj5HpaDZWFdfyzZ7purT_sQEOj7UFT08YK9cJE0uY7-k43J-QPGqK29EWHumQu3YsUyO_FcmbnSA8AveQenMFAwRLh-CHjaxa2rPV5x83_LVDYuCOlQ0XsYOCgyDkLg1UMMBdDTS1VDoJXf2O-A-jMTmJvE_j6zT_ZnajiYByh8qrt32frtPuhD7GfZZRiERUTfg05AOF9OHDNyza1r2OoQG-DvIeDTUDilTXMbHWf2LAZFQhHgRPiFo-kUzN_2Ps_OTq2Lvpc_iDTiHIdw2r1CzeyBXEMW3DuGQpXWodOjK-g26gO3O0rxGHgizYvWIe1XkogbxfIZGrzVPAQTaW7ajpVI2zSOxFzs-HLOnD2qvIwCZzwGa3s9I7L5Q2Lt9j8qwQYsZrvrr-SsArqM9Jd_G-1mu-ZKNPbacoWBmYArE1JCSu3fIOn8KNsc_fRAIeJR4dBbB5lO8HBH2OT0EWfQYHewolDRNXF3L4oL-AVATYfYpTZtkHbLmvZI1-_ZB6UmyKEFYavI7mfJdNCUd1m_5FHaMfswyzjkrDpoykVA4TbIcJmUxq09-J6pQEuTDeoUc1XJtiOk1ZPRAV56QKJml1S710jHh12HmfECh6g&sai=AMfl-YTsA6uGDE02gau8VG9YmeMaYO2GYaHb4jnvMTeWaiYciDNmDiaJV6Jfjt6PwyHXzBgf_RgKAWIAKO2nBQBH9ZqiMd9p9Yqvx8ryirMDO5DOg7XcOhgm_1d_60lAj4BtsaHIQRGeq-I_whUtfzooYQSGqa8ngzyjWeAXjhUP5U8kBNtF1fISIsvHINXaVsXflicONAKpKqcsmC_mlG28yStK7gD4NL575nc7StRXLcCUsnMlmrWjKqDQ5TA2KvoERr2jRhjGXJPHY9MS3hJu-eDUjM2PFqQkGQ&sig=Cg0ArKJSzOZB6gEm9qBrEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=289&vt=11&dtpt=201&dett=3&cstd=86&cisv=r20240116.84671&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame AFEE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 15:10:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CDFE 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 15:10:06 GMT
csi
csi.gstatic.com/ Frame C551 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx6412&chm=1&ctx=2&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CILglaLa5IMDFReHjggdaCUHjw&met.4=fb.4~lb.8v~ol.pn~bdt.-1h7~bpp.-14i~idt.-vw~dtd.-vf~dt.-1ag&met.3=374.b7~113.tp_2~113.tr~112.tp_2&met.1=1.lrhx637d~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~22.9s~23.9s~1.lrhx6356~6.0~7.0~8.0~9.0~10.0~12.0~13.16~14.1b~15.1e~16.2g~17.2g~18.2g~19.rv~20.rv~21.rv&met.7=CCgQCBgB~CCgQBRgBIAQoBDDaATjWAWgIcNkBeIoEgAHeAYgB8ASwAQG4AQM~CBwQChgBIAUoBTCRATiMAWgIcIoBeKn4AYAB_fUBiAGFxwWwAQG4AQM~CB4QChgBIAUoBTA4ODNoCHA1eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIAUoBTA1ODBoCHAveNhEgAGsQogB1KEBsAEBuAED~CCoQChgBIAUoBTDVATjQAWgIcKgBeN-HBIABs4UEiAGS5wywAQG4AQM~CBwQBhgBIAUoBTCgATibAWgIcJ0BeNYCgAEqiAEqsAEBuAED~CBwQARgBIJIBKJIBMKwCOJoBaJMBcKoCeKwCsAEBuAED~CBwQARgBIJMBKJMBMKsCOJgBaJMBcKkCeKwCsAEBuAED~CCgQChgBIJQBKJQBMJMCOH9olQFw_QF4pr4CgAH6uwKIAdSoBrABAbgBAw~CCkQChgBILoCKLoCMJkEON8BaNACcOMDeNniA4ABreADiAG14wqwAQG4AQM~CBwQChgBILsCKLsCMOQCOClouwJw4wJ4yySAAZ8iiAGwXLABAbgBAw~CAkQChgBIL4CKL4CMOkCOCtovgJw5gJ4mV-AAe1ciAGA-QGwAQG4AQM~CCcQChgBIL4CKL4CMPICODRovgJw5wJ4nW-AAfFsiAHpyQKwAQG4AQM~CCcQBRgBIJADKJADMMgDODhokwNwwAN4oWiAAfVliAH-sAKwAQG4AQM~CB8QBRgBIMQEKMQEMNMFOI8BUMUEWIcFYMUEaIoFcNIFeMYFgAGaA4gBnwWwAQG4AQM~CCIQBBgBIMkEKMkEMJ4GONYBaKEFcJ0GeKwCsAEBuAED~CCIQBBgBIJsHKJsHMOkHOE5omwdw5wd4rAKwAQG4AQM~CCgQChgBIKwHKKwHMI4IOGJorQdw1Ad408IBgAGnwAGIAcyEBLABAbgBAw~CCgQCBgBMC846wdoAXAqePkigAHNIIgBwEegAbH__________wGwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame F18A 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx641b&chm=1&ctx=2&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CIDglaLa5IMDFReHjggdaCUHjw&met.4=fb.4~lb.7k~ol.qh~bdt.-1gm~bpp.-13x~idt.-vb~dtd.-uu~dt.-19v&met.3=374.ah~113.uj_1~113.uk~112.uj_1&met.1=1.lrhx636s~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~1.lrhx6353~6.1~7.1~8.1~9.1~10.1~12.1~13.14~14.15~15.1b~16.2j~17.2j~18.2j~19.s6~20.s6~21.s6&met.7=CCgQCBgBMAE4AQ~CCgQBRgBIAUoBTBWOFJoB3BUeIoEgAHeAYgB8ASwAQG4AQM~CBwQChgBIAUoBTBcOFdoBnBXeKn4AYAB_fUBiAGFxwWwAQG4AQM~CB4QChgBIAUoBTA2ODFoB3A0eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIAUoBTA0OC9oB3AueNhEgAGsQogB1KEBsAEBuAED~CCoQChgBIAUoBTC9ATi4AWgHcJYBeN-HBIABs4UEiAGS5wywAQG4AQM~CBwQBhgBIAUoBTCfATiZAWgHcJwBeNYCgAEqiAEqsAEBuAED~CBwQARgBIHAocDCJAjiZAWhwcIgCeKwCsAEBuAED~CBwQARgBIHIocjCLAjiYAWhycIgCeKwCsAEBuAED~CCgQChgBIHcodzDzATh8aHdw1wF4-roCgAHOuAKIAZ2kBrABAbgBAw~CCkQChgBIIoCKIoCMKgEOJ4CUIoCWOUCYLICaOUCcI4DeNniA4ABreADiAG14wqwAQG4AQM~CBwQChgBIIsCKIsCMLQCOCloiwJwswJ4yySAAZ8iiAGwXLABAbgBAw~CAkQChgBII0CKI0CMLgCOCtojQJwtAJ4mV-AAe1ciAGA-QGwAQG4AQM~CCcQChgBII4CKI4CMLkCOCtojgJwtgJ4nW-AAfFsiAHpyQKwAQG4AQM~CCcQBRgBIPUCKPUCMKwDODdo9gJwpQN4oWiAAfVliAH-sAKwAQG4AQM~CB8QBRgBIMgEKMgEMOwFOKQBaJ8FcOkFeMUFgAGZA4gBoQWwAQG4AQM~CCIQBBgBIM4EKM4EMLQGOOYBUN4EWLYFYIYFaLYFcLMGeKwCsAEBuAED~CCIQBBgBILkHKLkHMIcIOE5ouQdwhgh4rAKwAQG4AQM~CCgQChgBIMoHKMoHMLsIOHFoygdw9Ad408IBgAGnwAGIAcyEBLABAbgBAw~CCgQCBgBMCk49gdoAXAoePkigAHNIIgBwEegAcP__________wGwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4145 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx641i&chm=1&ctx=2&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CIHglaLa5IMDFReHjggdaCUHjw&met.4=fb.4~lb.8h~ol.q8~bdt.-1gx~bpp.-148~idt.-vm~dtd.-v5~dt.-1a6&met.3=374.a7~113.ug_1~113.ug~112.uf_1&met.1=1.lrhx6373~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~1.lrhx6355~6.0~7.0~8.0~9.0~10.0~12.1~13.14~14.16~15.1c~16.2h~17.2h~18.2h~19.s6~20.s6~21.s6&met.7=CCgQCBgBOAE~CCgQBRgBIAUoBTBhOFxoBnBfeIoEgAHeAYgB8ASwAQG4AQM~CBwQChgBIAUoBTB8OHdoBnB0eKn4AYAB_fUBiAGFxwWwAQG4AQM~CB4QChgBIAUoBTA4ODNoBnA3eIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIAUoBTA3ODJoBnAueNhEgAGsQogB1KEBsAEBuAED~CCoQChgBIAUoBTDjATjdAWgGcMcBeN-HBIABs4UEiAGS5wywAQG4AQM~CBwQBhgBIAYoBjCfATiaAWgHcJ0BeNYCgAEqiAEqsAEBuAED~CBwQARgBIH0ofTCVAjiYAWh-cJICeKwCsAEBuAED~CBwQARgBIH4ofjCXAjiZAWh-cJMCeKwCsAEBuAED~CCgQChgBIH8ofzCXAjiYAWiAAXDoAXjbuwKAAa-5AogBl8cGsAEBuAED~CCkQChgBIKsCKKsCMKIEOPcBaNoCcOwDeNniA4ABreADiAG14wqwAQG4AQM~CBwQChgBIKwCKKwCMNUCOClorQJw1AJ4yySAAZ8iiAGwXLABAbgBAw~CAkQChgBIK8CKK8CMNoCOCxorwJw1gJ4mV-AAe1ciAGA-QGwAQG4AQM~CCcQChgBIK8CKK8CMNoCOCtorwJw2AJ4nW-AAfFsiAHpyQKwAQG4AQM~CCcQBRgBIO8CKO8CMKwDOD1o8QJwoQN4oWiAAfVliAH-sAKwAQG4AQM~CB8QBRgBIMkEKMkEMOEFOJkBaJQFcN8FeMUFgAGZA4gBoQWwAQG4AQM~CCIQBBgBIMwEKMwEMKgGONwBaKsFcKcGeKwCsAEBuAED~CCIQBBgBILAHKLAHMPsHOEtosAdw-gd4rAKwAQG4AQM~CCgQChgBIMAHKMAHMLIIOHJowAdwhAh408IBgAGnwAGIAcyEBLABAbgBAw~CCgQCBgBMCo49gdoAXAoePkigAHNIIgBwEegAbr__________wGwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 48B1 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx641k&ctx=3&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CILglaLa5IMDFReHjggdaCUHjw&met.3=113.e3~112.e3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AFEE 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx641l&ctx=3&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CIDglaLa5IMDFReHjggdaCUHjw&met.3=113.el~112.el
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame CDFE 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx641m&ctx=3&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CIHglaLa5IMDFReHjggdaCUHjw&met.3=113.ea~112.ea
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4a.js
static.adsafeprotected.com/ Frame 08B7
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1875473/77671614/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1015657930&ias_pubId=pub-7052384650666721&ias_chanId=1&ias_placementId=20907174852&bidurl=ht...
  • https://static.adsafeprotected.com/4a.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4a.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Server
2600:9000:223f:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 21:47:27 GMT
x-amz-version-id
B2DECWousx5u_bYFIOwt8kPa0gFIEK1b
content-encoding
gzip
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
494560
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 11 Jan 2024 21:47:24 GMT
server
AmazonS3
etag
W/"2105f244154aad4862ff53a961b1f1a4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
GEsKlgo87yVhjXfh0Yg2iiXTtKxUmgY0WI049UsMndV84auUprf8dg==

Redirect headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
nginx
x-server-name
app15.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4a.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame C46A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
10249256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
hBfn6KBj-1JpjCbOhBZgNv2bkOBb_yP0d-tv8pIb43pNMmtbJctrbw==
/
www.googleadservices.com/pagead/ar-adview/ Frame 561F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CzdB3ze2nZazoF63NuvQP9fW88AeWkeLvdPWh8o78EcCNtwEQASCzgr2AAWCVgoCAsAegAdbErqIDyAEBqQL3ypkzvo0JPqgDAcgDwwSqBOIBT9DcCHEpZM2gfG5U35q_q4YnSH29QQ3-2lD...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229222587609903619200%22,%22debug_reporting%22:true,%22destination%22:%22https://misou.co.kr%22,%22event_report_window%22:%2...
0
22 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229222587609903619200%22,%22debug_reporting%22:true,%22destination%22:%22https://misou.co.kr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877371990%22],%2222%22:[%22true%22],%224%22:[%2201-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224966427951081888689%22}&andc=true
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"9222587609903619200","debug_reporting":true,"destination":"https://misou.co.kr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877371990"],"22":["true"],"4":["01-17"],"6":["true"]},"priority":"500","source_event_id":"4966427951081888689"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 17 Jan 2024 15:10:07 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9222587609903619200","debug_reporting":true,"destination":"https://misou.co.kr","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877371990"],"22":["true"],"4":["01-17"],"6":["true"]},"priority":"500","source_event_id":"4966427951081888689"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 08B7 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1875473&asId=972324fa-d288-260c-671b-b32e16643e57&tv=%7Bc:1zuDB2,pingTime:-3,time:49,type:v,im:%7BpBlk:32%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1DjQgr+11%7C12%7C131%7C141%7C142%7C151*.1875473-77671614%7C1511%7C1512%7C15131%7C1514%7C1611%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:0,renddet:na,siq:17%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:d34e:2c1b:3408:57ec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
nginx
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 08B7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1875473&asId=972324fa-d288-260c-671b-b32e16643e57&tv=%7Bc:1zuDB3,pingTime:-6,time:50,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1DjQgr+11%7C12%7C131%7C141%7C142%7C151*.1875473-77671614%7C1511%7C1512%7C15131%7C1514%7C1611%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:0,renddet:na,siq:17%7D&tpiLookup=ao:3seclab.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:d34e:2c1b:3408:57ec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cars.png
s0.2mdn.net/sadbundle/2697211176333753978/ Frame E229 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2697211176333753978/cars.png?1701868084302
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d4b70074eb7d712dfe4dcb2c20473bc5bb8d9de71e7cddf63345963d3008f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2697211176333753978/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Thu, 16 Jan 2025 02:09:44 GMT
date
Wed, 17 Jan 2024 02:09:44 GMT
x-content-type-options
nosniff
age
46822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41188
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 05:04:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
pagead2.googlesyndication.com/bg/ Frame 6BA6 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/WCj_J8NcEslNDYs839d7KGBgNEN8AJkC0oz39by2qQc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:08:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
86478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19599
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Jan 2025 15:08:48 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 561F 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=3232636341&adf=3254513062&pi=t.aa~a.4122652283~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=-M&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280&nras=2&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2175
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
dt
dt.adsafeprotected.com/ Frame 08B7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1875473&asId=972324fa-d288-260c-671b-b32e16643e57&tv=%7Bc:1zuDBd,pingTime:-2,time:60,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:659,beZ:660,mfA:663,cmA:664,inA:664,inZ:667,prA:667,prZ:672,si:675,poA:676,bl:692,poZ:692,cmZ:692,mfZ:692,loA:709,loZ:710,ltA:719,ltZ:719%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B54~0%5D,as:%5B54~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:u1DjQgr+11%7C12%7C131%7C141%7C142%7C151*.1875473-77671614%7C1511%7C1512%7C15131%7C1514%7C1611%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:na,siq:17,sinceFw:43,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:d34e:2c1b:3408:57ec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
server
nginx
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame E031 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:31:11 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 91AE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:31:11 GMT
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame FCBF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:31:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BqiFTzu2nZcPxCrnT9u8P0KKg-AYAAAAAOAHgBAI&bg=!9vWl9brNAAa8BdJLnAU7ADQBe5WfOOa89tdYNLiWtt7_cyxqu3v5Kid3uIgoMdReKcCKgEnblddhNPnY3mT7xl17m9yRAgAAAKVSAAAAAWgBBwoAMyRK6UQLAWMudJ7pf71M3Q7dqeffEjNh7oiMi1y9_jQnsy1q4uS8YzHC3cjOj6cSZgnq9ZkDCUefbuvyLZZX4qYHrnGnyqXx0erQfoHrm-FwWJ1ohR1_TTTBe9jmjtWimHXduZJTezzx2lzvRQhpyp7e3i0WJHJHkwyU-kIWew3elUD7OYBQdfvq7BUJPgI4t2F4frbyoDel1wPwkbRL79fovEjmBnf_rhxKS_yiwocWZ9Rj0HUAPhPpwjTK6Wag3rdoY0i_KVp0y2Ijxtc_JlN8n20gGQRirkG8ZEhEKuICImbVgzZBxv-1nnAncaBKvnoSrBwsihbNWFrWMwdpTGtQzGaH6kgeQbM0SwyxVJNAkygxk-oyjWICc4X9vh7vVjYSRuHF1QTqTwsZV6WBjh8CNDjvk6dwiY7Xx6NPk9urxw0RXmWk66HgupSxRRr66vZbg1CwDANnlk_OD6riQn8UWcyqr-dgmsnmPopQY8y3EWLCpI-cp6gSG7d3SivxAub6j8V5S7HuvEi6HnUTsPzKhlszqQRUyG2HUfs1Jthe58C86e6OYbHF37tG12kauBZ_XwSTG7VulaOUMqYd6j7PbHPcCq5lKmIVKey9D9GzSo5Qy7vvC2vgYHVK8fxBaz2MhQ2b1SQy1S-nXXQdznc7yxhylp5u0JlYU2koUn_X-sJbZZ83POsi6zWT48EtRiobmb87zzb3l8ZaqL611BPFmH42cxnV7rxENqBk4GHbQGv8qYjFvEtJsasIDcAha_55rM6m6SHXG0jl0lUxEnQ24yCvMS4IXV47HECi3qMSriPISxx38zk0-y5WVF6y8IyKuna3vRNNeik8TUhoV53sEORzX010ble1bm-hpEgAtTKwwOT7AY7SJn6lFkEjsfG1AKvd-OEaAowB_ZeExiv6pQ2Fv00uMWuZTmGpgVsjJzN8piNJ8EFHkh3JxknhXDhAkWIXfsMZi5CCVzEFh78vx6GeLQZkO2rjXNVk1IMZAo-TKPqTqdpGVKhQHIKCMoy8RyMwSLoWu2pVtU-_-5H5vVhkCj53bXfZgATZR_3FEGJ2TGFA5lULepkmy_Zlh8qsWlbvLwN7UxRAIqVSpQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229222587609903619200%22,%22debug_reporting%22:true,%22destination%22:%22https://misou.co.kr%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877371990%22],%2222%22:[%22true%22],%224%22:[%2201-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224966427951081888689%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 17 Jan 2024 15:10:07 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame C597 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=2~lrhx63ig&chm=1&ctx=2&gqid=zO2nZd_7F8C89u8P5MOgwA4&qqid=CP_flaLa5IMDFReHjggdaCUHjw&met.6=6.1_CgsY7AggZSoECAcSAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 561F 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx649j&chm=1&ctx=2&gqid=ze2nZcSHE7-69u8P1qmfsAI&qqid=COyCzaLa5IMDFa2mjggd9ToPfg&met.4=fb.ph~lb.t1~cmrload.vo~ol.11p~bdt.-1bb~bpp.-3~dtd.-1~dt.-4&met.3=492.sj_1~555.vc~556.vd~113.182_1~112.182_2&met.1=1.lrhx631h~6.0~7.0~8.0~9.0~10.0~11.0~12.0~13.p9~14.r0~15.pa~16.vc~17.vc~18.vd~19.11g~20.11g~21.11o&met.7=CAUQCBgBMMwHOM0KaAFwjQd4vOcCgAGQ5QKIAa-tCLABAbgBAw~CBsQBxgBIJIHKJIHML0HOCw~CBsQBxgBIJIHKJIHMPMHOGE~CBIQBxgBIL0HKL0HMI4IOFFoxQdw_Qd42QqAAa0IiAGQOqoBEQoPR29vZ2xlIFNhbnM6NDAwsAEBuAED~CBwQChgBIL0HKL0HMPsHOD5oyAdw9Ad4xwiAAZsGiAGIDbABAbgBAw~CAkQChgBIMwHKMwHMI8IOENozwdw_gd46EqAAbxIiAGgugGwAQG4AQM~CB4QChgBIMwHKMwHMJgIOExozwdwjQh4gAyAAdQJiAGBFbABAbgBAw~CBsQBhgBIMwHKMwHMIEIODU~CBwQChgBIMwHKMwHMJQIOEdozwdwhQh42ESAAaxCiAHUoQGwAQG4AQM~CBwQChgBIMwHKMwHMKYIOFpo0AdwiAh4vvADgAGS7gOIAczqDLABAbgBAw~CBsQChgBIM0HKM0HMIMIODc~CCgQBRgBIIUIKIUIMMMIOD5olwhwwQh4vQOAAZEBiAGPAbABAbgBAw~CBwQBRgBIIYIKIYIMMAIODtolwhwvwh4lgeAAeoEiAGWCbABAbgBAw~CCgQChgBINkKKNkKMIkLODFo2Qpwhgt408IBgAGnwAGIAcyEBLABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame CDFE 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:56:11 GMT
x-content-type-options
nosniff
age
835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:11:11 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame CDFE 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:06:54 GMT
x-content-type-options
nosniff
age
192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:21:54 GMT
kacheln.svg
s0.2mdn.net/4528404/1693566003742/ Frame CDFE 		1 KB
516 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1693566003742/kacheln.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:00:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
482
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 11:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 09:00:39 GMT
agata.png
s0.2mdn.net/4528404/ Frame CDFE 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/agata.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=CSTZhzLPkK&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:05:54 GMT
x-content-type-options
nosniff
age
21852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2436365
x-xss-protection
0
last-modified
Fri, 01 Sep 2023 10:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 09:05:54 GMT
dc_oe=ChMIqsncotrkgwMVuan9Bx1QEQhvEAAYACCe44NdQhMIgeCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cAwvN33h3nsoRW5TreJHJIA69QWzK78e32M0h4r98X4_q_1DjrWzxVYYisWfErIEKTg3awJ9QU;stragg=1;&timestamp=1705504206996;s...
ade.googlesyndication.com/ddm/activity/ Frame 4145 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqsncotrkgwMVuan9Bx1QEQhvEAAYACCe44NdQhMIgeCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cAwvN33h3nsoRW5TreJHJIA69QWzK78e32M0h4r98X4_q_1DjrWzxVYYisWfErIEKTg3awJ9QU;stragg=1;&timestamp=1705504206996;str=nextSlide;strtype=1
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame AFEE 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:06:54 GMT
x-content-type-options
nosniff
age
193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:21:54 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame AFEE 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:56:11 GMT
x-content-type-options
nosniff
age
836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:11:11 GMT
InterstateRegular.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame AFEE 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:06:09 GMT
x-content-type-options
nosniff
age
238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29508
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:21:09 GMT
logo-v2.svg
s0.2mdn.net/4528404/1687769488937/ Frame AFEE 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687769488937/logo-v2.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 09:56:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18806
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1838
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 08:51:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 09:56:41 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame AFEE 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:11:37 GMT
x-content-type-options
nosniff
age
64710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:11:37 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame AFEE 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:56:16 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame AFEE 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16194089670991452542/index.html?e=69&leftOffset=0&topOffset=0&c=Hv1rQvFnSe&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:28:30 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C551 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8T_zQynfPPBk5EofZzU5QtS9785BzKKos3w1_u1UIYMlN2QWJDS9eaftyAJlk7zGaDia6-4zBYnlQZgoCmzWqq2isuods5N-Y1C1SQEUPQgkW68rtX9m41MADq_YXcMaUh-DF8neiEgU73ePzd0mWztrR&sai=AMfl-YSs3Lzbvg7odVDy6ODGNM58FgKi3bKKaZu6hR6aLhJLGpAOiU9jwXffMc33sMV2LGJmg0qZXCpvMJYftkIo3kW8mKIzPFbDjgXXbz5FLkkwfsKdnUypdsbdHbK0O2YiSMyLh6Pw6ee_k_WiK2SCrQ&sig=Cg0ArKJSzHWDHmtapgBfEAE&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&id=lidar2&mcvt=1028&p=0,0,90,728&mtos=571,1028,1028,1028,1028&tos=571,457,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705504205497&rpt=476&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
apple_iphone15_blau.png
s0.2mdn.net/4528404/ Frame 48B1 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/apple_iphone15_blau.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:11:37 GMT
x-content-type-options
nosniff
age
64710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3833315
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 09:30:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:11:37 GMT
cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 48B1 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 15:56:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1134
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 07:30:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:56:16 GMT
InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 48B1 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:06:54 GMT
x-content-type-options
nosniff
age
193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28596
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:21:54 GMT
InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 48B1 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:56:11 GMT
x-content-type-options
nosniff
age
836
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14644
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:11:11 GMT
InterstateRegular.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 48B1 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4925812/InterstateRegular.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index-70c4f56f.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:06:09 GMT
x-content-type-options
nosniff
age
238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29508
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 09:13:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 15:21:09 GMT
stoerer-120sparen-links.svg
s0.2mdn.net/4528404/1702634402667/ Frame 48B1 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1702634402667/stoerer-120sparen-links.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12977775661556909822/template-2d058155.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 21:28:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63697
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1945
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:00:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 21:28:30 GMT
logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 48B1 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/4528404/1687521602712/logo.svg
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12977775661556909822/index.html?e=69&leftOffset=0&topOffset=0&c=2MW6RW6pHX&t=1&renderingType=2&ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 17:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
last-modified
Fri, 23 Jun 2023 12:00:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 17:08:31 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 08B7 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssnFRoE77Mtqqk-k8wUGuqHWa8RYHqJH00_HJoaMV7Yid6dgHS2g9NktDymSrmHVMsD7PDvOx7D3sEy2kQTJ8eArDkZQtih6dNnFQeODZnwGEeTwOwX2qmJAX9tKq2xQuRrujjbDOnMrMXYyyolSYrTm9xry64GiDMgLT70few3RYbxwQun5lJaLBZVyoZ7YqzJr-hYRR3BXJbQuFw&sai=AMfl-YQ8HhLYrNOnpfP-uO_e7OlV191ptyzN7zRlyC-HSu5il_Pf2yBmcdnz_LOGo7zIGKP1E4MMr9g19NpPqXSQ4SacI7HnLytelrfr0HMW49J5Bw79u-aJXFczsZ1fhxY0gJ9uuwbzxUlw_rd-sJvfb8Xvc7EE&sig=Cg0ArKJSzB8aAZc0GWJCEAE&uach_m=%5BUACH%5D&urlfix=1&vt=13&adurl=
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dc_oe=ChMI5-LbotrkgwMVVZ79Bx184A3AEAAYACCe44NdQhMIgOCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cCrsc8eiQHuPv-93z3Migu4DkFE3B81O1h5YqhDYZmRvpyDJbVFnOe71LIslP-3cQ_xlEmm-2c;stragg=1;&timestamp=1705504207028;s...
ade.googlesyndication.com/ddm/activity/ Frame F18A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5-LbotrkgwMVVZ79Bx184A3AEAAYACCe44NdQhMIgOCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cCrsc8eiQHuPv-93z3Migu4DkFE3B81O1h5YqhDYZmRvpyDJbVFnOe71LIslP-3cQ_xlEmm-2c;stragg=1;&timestamp=1705504207028;str=nextSlide;strtype=1
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5-LbotrkgwMVVZ79Bx184A3AEAAYACCe44NdQhMIgOCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cCrsc8eiQHuPv-93z3Migu4DkFE3B81O1h5YqhDYZmRvpyDJbVFnOe71LIslP-3cQ_xlEmm-2c;stragg=1;&timestamp=1705504207029;s...
ade.googlesyndication.com/ddm/activity/ Frame F18A 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5-LbotrkgwMVVZ79Bx184A3AEAAYACCe44NdQhMIgOCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cCrsc8eiQHuPv-93z3Migu4DkFE3B81O1h5YqhDYZmRvpyDJbVFnOe71LIslP-3cQ_xlEmm-2c;stragg=1;&timestamp=1705504207029;str=nextSlide;strtype=1
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8M3eotrkgwMV5KD9Bx0zFAcDEAAYACCq2oNdQhMIguCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cB33VD14ENCDsu70NcSE23HURzpBWbyh65UueBneHC6Pu-hfcevZQFeSgw60wLaCEv0VsauAmo;stragg=1;&timestamp=1705504207048;s...
ade.googlesyndication.com/ddm/activity/ Frame C551 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8M3eotrkgwMV5KD9Bx0zFAcDEAAYACCq2oNdQhMIguCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cB33VD14ENCDsu70NcSE23HURzpBWbyh65UueBneHC6Pu-hfcevZQFeSgw60wLaCEv0VsauAmo;stragg=1;&timestamp=1705504207048;str=nextSlide;strtype=1
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI8M3eotrkgwMV5KD9Bx0zFAcDEAAYACCq2oNdQhMIguCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cB33VD14ENCDsu70NcSE23HURzpBWbyh65UueBneHC6Pu-hfcevZQFeSgw60wLaCEv0VsauAmo;stragg=1;&timestamp=1705504207049;s...
ade.googlesyndication.com/ddm/activity/ Frame C551 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI8M3eotrkgwMV5KD9Bx0zFAcDEAAYACCq2oNdQhMIguCVotrkgwMVF4eOCB1oJQeP;dc_eps=AHas8cB33VD14ENCDsu70NcSE23HURzpBWbyh65UueBneHC6Pu-hfcevZQFeSgw60wLaCEv0VsauAmo;stragg=1;&timestamp=1705504207049;str=nextSlide;strtype=1
Requested by
Host: 3seclab.com
URL: https://3seclab.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 08B7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1875473&asId=972324fa-d288-260c-671b-b32e16643e57&tv=%7Bc:1zuDI9,time:490,type:e,im:%7BpWait:10%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:490,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B484~0%5D,as:%5B484~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:404,fm:u1DjQgr+11%7C12%7C131%7C141%7C142%7C151*.1875473-77671614%7C1511%7C1512%7C15131%7C1514%7C1611%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:0,renddet:na,siq:17,sis:433%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:d34e:2c1b:3408:57ec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
server
nginx
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
passback_300x250.js
static.adsafeprotected.com/ Frame 5D1B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/passback_300x250.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
vr1Fa3eAVtG7AGe6kPa1Y0WAZAHvQkII
content-encoding
gzip
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
date
Fri, 12 Jan 2024 02:40:36 GMT
x-amz-cf-pop
FRA56-P5
age
476971
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 18 Feb 2022 23:29:42 GMT
server
AmazonS3
etag
W/"44f0ac540dc9c11f94344414c879b658"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
EWHgdzE66eT5G9EOFCrT5muJ-4UZ_nHYxJy-G2gb4mDS-xh4DteSmg==
IAS_PassbackAds_300x250.png
static.adsafeprotected.com/ Frame 5D1B 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/IAS_PassbackAds_300x250.png
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id
5gVOAFoF.BCvnrybv6D.a4lGJXzJNSyO
date
Mon, 15 Jan 2024 23:59:30 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
141040
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14233
last-modified
Fri, 18 Feb 2022 23:28:59 GMT
server
AmazonS3
etag
"65a8b98b798ce416d94c2847aca40c71"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
x-amz-cf-id
H_uEUZRDHhEaNJ_DYeEnXEpjC6kvEmGArDj1jBMvuL_6ho3bnEa6Xw==
dt
dt.adsafeprotected.com/ Frame 08B7 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1875473&asId=972324fa-d288-260c-671b-b32e16643e57&tv=%7Bc:1zuDLE,pingTime:-10,time:707,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjIyNCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1705504207302%7C%7C9a646170195646e4cd8205741aed59b8%7C%7C09dd4f7e094d0daae996260c074cbdea%7C%7C50d2fa43dbb22ca811cdaa6f20024b7d%7C%7C07645fd8f59d2d588a80e9b6d0dc3584%7C%7C501c7072d62610c1a7bb93ee6854d362%7C%7C362958212a0dc7c00523526c4727510c%7C%7C973b5fad57c0a87a4e33e23190105cf2%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:d34e:2c1b:3408:57ec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
server
nginx
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame C551 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7999179386363&version=m202309260101&ct=76&x=1&cor=13293513632237795000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240116&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b7824d66fe6dd650f879ac215211ca528b26ea47f7537bfea0b9c338b48e413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12239
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F18A 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6667094013623&version=m202309260101&ct=76&x=1&cor=18129108834150730000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4145 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5547882057095&version=m202309260101&ct=76&x=1&cor=72415186287961570
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 08B7 		65 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&adk=1958173566&adf=867136312&pi=t.aa~a.2964258233~rp.1&w=500&fwrn=4&fwrnh=100&lmt=1705504205&rafmt=1&to=qs&pwprc=8885713159&format=500x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504205281&bpp=1&bdt=1699&idt=0&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D85f5c5c159c77a69%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w&gpic=UID%3D00000d43700928e7%3AT%3D1705504204%3ART%3D1705504204%3AS%3DALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw&prev_fmts=0x0%2C1200x280%2C500x280&nras=3&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&psts=AOrYGsl95Ya7pY9kXAFmbNgL7fy4ghf-ulzrwF1d6HFUVvqvJwDESaqv5gDxcdYSHGP0kk2oC1kI7vRjWjmX9Q&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:33:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
2176
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24615
x-xss-protection
0
server
cafe
etag
10902498161188913397
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 17 Jan 2024 15:33:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F18A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvW3w8ec9dIA_Z20QiHRAM6gd0Aoy_SFNE_-6IKXwFj67okknF-jhdrJ621BHVcxfO0xPnCN3ixUd5Vo7dUu1BUrvd_luCizAWt-z1-tW-GuFI5euGv0LbZIcTdEt8NAfGP3jEqWRFXDYxn5jWb_ypYyhwR&sai=AMfl-YTA1kmLUo_9KQRXGasDk578A21kpzTFUdaiDWr4QH3CxlOxaO0FpjNcsRFKYrzKQhEaltXzC5Dludi8lOPU7tYnma8lFEr7ukMluOZnujIav-tY3g0C6rxP2aJdROecvDcxM1JwAdvn5LCKy--Uag&sig=Cg0ArKJSzBJyS5Asd8NREAE&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705504205476&rpt=435&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4145 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTjj2WrXPaDBJQUM1cQzgK2snQVrW2OFs1DFhBzyR7bnPdKvxCvDl9b3YaMNrH9mKtg5xfUEjTRXygAIod5ZDsDnBPNfc9MUb4M7KCH9q1Bze3Wd5G22NkDZxXcW0y-2XQ1ufetsmKU0W2-jlTLTH6Y0ks&sai=AMfl-YQuu59y0ZYioo9IN7BqDHnTcWWmbT2HPYaM0Kl3fsI8-Htg_s-QH1dh7RtWHI0iBisq8g4Y12j4o3LMDQVLUhJGb2NSd2Klymk0kwA6FznWE1qTZzrZ-24WbENxCGW_i_XLwxo94VuN9HNqeRYr9Q&sig=Cg0ArKJSzLLTz14JqwOTEAE&cid=CAQSTwAvHhf_V3BaC8O8IHgqvaFtbIFehzB_dnJDb-RiyLsNRmLY1-Ca5oj_1p2nQS5xXyNXok7A8Ya-R3Pw_vMseGcgb9QmOxkbyCdSNSaeGCoYAQ&id=lidar2&mcvt=1002&p=0,0,600,160&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705504205487&rpt=436&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 08B7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1875473&asId=972324fa-d288-260c-671b-b32e16643e57&tv=%7Bc:1zuDOz,time:888,type:e,im:%7Bpci:%7Btdr:829%7D,pLoad:841%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:888,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B882~0%5D,as:%5B882~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:133,fm:u1DjQgr+11%7C12%7C131%7C141%7C142%7C151*.1875473-77671614%7C1511%7C1512%7C15131%7C1514%7C1611%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:17,sis:433%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4282:d34e:2c1b:3408:57ec Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 08B7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrhx64t0&chm=1&ctx=2&gqid=ze2nZdahE_uz9u8PjpWzmAg&qqid=CLCrzaLa5IMDFb2bjggdm8UK9Q&met.4=fb.1w~lb.9c~cmrload.bc~ol.15o~bdt.-1tf~bpp.-i7~idt.-i8~dtd.-i3~dt.-i8&met.3=374.bg~113.19g_1~113.19h~112.19f_2&met.1=1.lrhx63jl~14.0~15.0~16.0~17.0~18.0~19.0~20.0~21.0~1.lrhx631j~6.0~7.0~8.0~9.0~10.0~12.1~13.hr~14.jb~15.hs~16.jy~17.jy~18.jz~19.1nq~20.1nq~21.1nq&met.7=CAUQCBgBMAE4AQ~CCgQBRgBIEUoRTCbAThWaEhwmgF4igSAAd4BiAHwBLABAbgBAw~CBwQChgBIEUoRTC5ATh1aEdwnwF4qfgBgAH99QGIAYXHBbABAbgBAw~CB4QChgBIEUoRTBxOC1oR3BveIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIEUoRTB0OC9oR3ByeNhEgAGsQogB1KEBsAEBuAED~CBsQBhgBIEUoRTDTATiOAQ~CCoQChgBIEUoRTC6ATh1aEhwlgF434cEgAGzhQSIAZLnDLABAbgBAw~CBwQBhgBIEUoRTDhATibAWhIcN4BeNYCgAEqiAEqsAEBuAED~CBwQARgBIMgBKMgBMOQCOJwBaMgBcOQCeKwCsAEBuAED~CBwQARgBIMkBKMkBMOUCOJ0BaMkBcOUCeKwCsAEBuAED~CCgQChgBIM8BKM8BMMUCOHZozwFwuwJ4is0CgAHeygKIAd_iBrABAbgBAw~CBsQCiDHAjjEAg~CCkQChgBIMgCKMgCMI8DOEdoyQJw8QJ4qrkCgAH-tgKIAbH1BrABAbgBAw~CBwQChgBIMkCKMkCMI8DOEZoygJwhQN4yySAAZ8iiAGwXLABAbgBAw~CAkQChgBIM0CKM0CMI8DOENozQJwhgN4mV-AAe1ciAGA-QGwAQG4AQM~CCcQChgBIM0CKM0CMI0DOEBozQJwgwN4nW-AAfFsiAHpyQKwAQG4AQM~CBwQBRgBIM8CKM8CMJMDOERo0wJwiQN4lgeAAeoEiAGWCbABAbgBAw~CCcQBRgBIJYDKJYDMMUDOC9omwNwwgN4oWiAAfVliAH-sAKwAQG4AQM~CB8QBRgBIKIDKKIDMNEDOC9opgNwzQN4sBmAAYQXiAHFRLABAbgBAw~CCIQBBgBIKQDKKQDMPoDOFdopgNw-QN4rAKwAQG4AQM~CCIQBBgBIOwEKOwEMLkFOE1o7QRwuAV4rAKwAQG4AQM~CBsQCiCkBTipAg~CBsQBiDFBTiBAw~CBsQBiDGBTiBAw~CBsQBiDPBTj4Ag~CCIQARgBIMQIKMQIMJsJOFdoxAhwmgl4rAKwAQG4AQM~CBsQBiD9CDiGAQ~CBsQBiDXCjh8~CCgQChgBIO0LKO0LMOIMOHVo7Qtwmgx408IBgAGnwAGIAcyEBLABAbgBAw~CAUQCBgBMLcFOOYQaAFw_wR433KAAbNwiAGolQKgAfb6_________wGwAQG4AQM
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401110101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7052384650666721&plah=3seclab.com&bust=31080431
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 15:10:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 842D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2337
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 14:31:10 GMT
expires
Thu, 16 Jan 2025 14:31:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7826 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d3052d320ab4ea5d273b5446b3735e1ad0591616347401b9321051ba8a73997e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zg3hDV926VTxmzmBCcNr6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://3seclab.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Zg3hDV926VTxmzmBCcNr6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 17 Jan 2024 15:10:07 GMT
expires
Wed, 17 Jan 2024 15:10:07 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 7826 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240116&jk=593978333931182&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
pagead2.googlesyndication.com/bg/ Frame 842D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 14:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
2336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15219
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 09:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Jan 2025 14:31:11 GMT
generate_204
tpc.googlesyndication.com/ Frame 842D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?GPMOSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 15:10:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240116&jk=593978333931182&bg=!39yl3JPNAAa8BdJLnAU7ADQBe5WfODTL2Efz2xrfUUKsNzBxSeZWkKlk60Dq_e-YQSHF47MI2QwDDc_YO8FdQZcy_TtAAgAAADpSAAAAAmgBBwoAN22gUiUEJDlUOx-2cuzfo8pm0d2AKPDV3nfc4sz9mHgeeMgow5919Eb7hZSgTshN6AUQphtc2p2ZAqf6LB6yMCoq5v2pJnLbOp6uzEZdlUe0gLq2h10P49pOIqEfg85LwzdykM1Y0r1mHe0mqZydvkIPM_r2y3d_W09g7vTcVMO2E22UxPHXw9He0NJ-BJVfw9aL8qv7d4GUkqvYu9dtq5sfQU7ob6cfcr4EYf_-byQ8p7t3Ev0739EZNRaLvNcJxaByRqmitqr_PvzdFo9gniKW41ZsEVzoBjA_yxm3L9XbuhnfGL3TlGZ55TqWSkgIJcDgFDPmhkieKqnkhZvvsLU-uMvOVtElXBbEgw4_KrrBrCSSESd-eRdo5qO38STOjHZZxyeDCh71tpkWYM9g6nXq-umcZcCucmM8TU-zyaNTF4ra2yzKBK0Z8wwnre2wyM2oThUwxxG9cvr4uXQn0iksk4PFHj-SF2cPWLjQ_qGNPY8fCQGINDjB9mBXTEq9-_RukKqV6efFarLq1G3yhU6CgPQSB3r4cqGuAR6jdENNcx2At-CJBjIqEbumUtrfG7rM-oCHa8_J629kPy9YmBDcb721RjxXQH8a47Gz-Lq81hrEB6MTzUQF8hWp6R9N5r2DumoVASJcRE6UbQZhjq2ecXaDrpJT5xblJfUf-A1aZ74iu2LqvQMVg_in5Mbro9htsbYJ861xuQ4A0ZpKanTKmz94kT1ABuZTUoE91L-K-YCBQWhaHAmT1u76oq-GoToFOGzLdrbwHSjs1VZMVRK4P1msW2urkCUNdoghHnYeE_8ObzXH4NXiXrk52ZhZgVIi3kD6n1PzW0aa8AkMXeGEj5Magw3VSSSv_rWVKuzks-jvN_cYtjDJb6nNRpaCM8bPehm-QP2rx1Vdk925cpgFfonL60id6ZYj_3bPX7tcTBPswoia6T8dstXGveMAIBqZAi7Y5_YVvOCnO1qfoVJg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 08B7 		0
25 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7891764725259&version=m202309260101&ct=76&x=1&cor=2200309961829521700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lrhx62cs&c=593978333931182&e=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C31061691%2C31061692&ctx=1&met.3=1000.dv_1__1~782.dv_2~1001.du_3__1~165.dt_4~166.dj_q~164.jq~191.jn_4~247.jx~248.jy~164.jy~165.jr_7~247.k7~248.k7~164.k7~165.k6_1~166.r1_4~1032.sd~326.sf_1~832.sh~868.sh~216.sd_5~215.sd_5~843.sc_6~889.ss~639.sx~1032.sx~326.sx~832.sx~868.sx~216.sx_1~215.sx_1~889.sz~639.t3~1032.t7~216.t7~215.t7~639.t7~112.to_1~168.1b2~168.1b2~168.1b2~168.1b2_1~168.1b2_1~429.1hs~993.1hv_1__3~992.1hw__3~994.1hw__3~991.1hu_2__3~990.1hu_2__3~353.1ht_3~453.1i3~754.1i4__8~995.1i4_1__8~998.1i3_2__8~453.1i5~754.1i5_1__b~995.1i5_1__b~247.1i7~248.1i7~1032.1i7~326.1i8~832.1i8~868.1i8~164.1i7_1~165.1i7_1~996.1i7_1__b~997.1i6_2__b~453.1i8~754.1i9__b~995.1i9_1__b~247.1i9~248.1i9~1032.1i9~326.1ia~832.1ia~868.1ia~164.1i9_1~165.1i9_1~996.1i9_1__b~997.1i9_1__b~453.1ia~754.1ia__b~995.1ia_1__b~998.1i5_6__b~889.1ic~889.1ie~639.1ig~639.1ig~453.1ii~754.1ij__m~995.1ii__m~998.1ii_1__m~453.1ij~453.1ij~453.1ij~453.1ik~454.1ik~454.1ik~454.1ik~453.1ik~753.1il~210.1lh_1~1032.1lj~326.1lj~832.1lj~868.1lj~164.1lj_1~165.1li_1~466.1li_1~1032.1lj~326.1lj~832.1lk~868.1lk~164.1lj~165.1lj_1~466.1lj_1~1032.1lk~326.1lk~832.1lk~868.1lk~164.1lk~165.1lk~466.1lk~1032.1lk~326.1ll~832.1ll~868.1ll~164.1lk~165.1lk_1~466.1lk_1~522.1li_3~525.1lm_c~525.1lz_2~525.1m1_1~1013.1m3~525.1m1_6~639.1m7~639.1m7~639.1m7~639.1m7~264.1m8~264.1me~264.1mw~264.1nj~264.1of~264.1oj~264.1q4~264.1q9~264.1r0~264.1r9~264.1rj~264.1ry~168.1s5~168.1s5~168.1s5~168.1s5~168.1s5~168.1s5~168.1s5~168.1s5~168.1s5~168.1s5~168.1s6~168.1s6~168.1s6~168.1s6~168.1s6~168.1s6~168.1s6~168.1s6~168.1s6~264.1sf~264.1sw~264.1tc~264.1tt~264.1ua~264.1vn~952.1vs~168.1w3~168.1w3~168.1w3~168.1w3~168.1w3~168.1w3~168.1w3~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~168.1w4~264.1w5~264.1xg~168.1xk~168.1xk~168.1xk~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xl~168.1xm~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~168.1xq~264.1xr~264.1y2~264.1z2~264.1z9~264.1ze~264.1zu~264.20c~264.20v~264.21j~264.223~264.227~264.22m~264.23c~264.24i~264.253~264.25a~264.25t~264.26e~264.26k~264.270~264.278~264.27r~264.286~264.28o~264.295~264.2a9~168.2ae~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~168.2af~264.2ak~264.2aq~264.2b0~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~168.2bf~264.2bf~264.2c4~264.2d2~264.2dh~273.2dx~273.2e5~273.2e7~264.2e8~264.2en~264.2f2~264.2f6~264.2fk~264.2g1~264.2gv~264.2hh~264.2hv~264.2i5~264.2ij~264.2jp~257.2ka~264.2ka~264.2ki~113.36l&met.1=1.lrhx61j4~6.3i~7.3j~8.3j~9.3j~10.5u~11.4o~12.5v~13.6z~14.71~15.72~16.t8~17.t8~18.th~19.365~20.365~21.366~22.k9~23.k9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240116/r20110914/rum_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3seclab.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B3CW348TC4&gtm=45je41a0v874379345&_p=1705504203599&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=440884274.1705504204&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1705504203&sct=1&seg=0&dl=https%3A%2F%2F3seclab.com%2F&dt=3%EC%B4%88%20%EC%97%B0%EA%B5%AC%EC%86%8C&_s=3&tfd=5723
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B3CW348TC4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://3seclab.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 17 Jan 2024 15:10:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://3seclab.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENyDlG0jm67ke7D1AXJRkuI&google_cver=1&google_push=AXcoOmRkT_T128PVPiL5YBukwYQshLk0VIInikRsc7M5POY-nd5ato5ETOhaMJ4qZqJU1s2kANcFyVPpSHabNAsSL31Tqc7eL4Uf8TC-VjbNW5q41drvqZ0TmshSJdc-tJf3OYMtnUFl_Zu_POxD4kJ9PEcscs26

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| gtag object| dataLayer function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| FontAwesomeKitConfig object| _taboola function| google_spfd number| google_unique_id object| google_sv_map object| regeneratorRuntime function| Jackdaw function| adfit function| Odometer function| getDate function| getDateWorld function| getPageView function| getTotalPageView function| getThumbnail object| newList object| topList object| aiList object| feedList function| google_sa_impl object| google_rum_config number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| clickTest0 function| clickTest1 function| clickTest2 function| clickTest3 function| clickTest999 function| clickTest4 function| clickTest5 function| clickTest6 function| clickTest7 function| toNotion function| clickSquareBanner object| _google_rum_ns_ function| _typeof object| TRC object| _tblConsole undefined| msg function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| googletag object| google_llp undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

24 Cookies

Domain/Path Name / Value
.3seclab.com/ Name: _ga
Value: GA1.1.440884274.1705504204
.3seclab.com/ Name: _ga_B3CW348TC4
Value: GS1.1.1705504203.1.0.1705504204.0.0.0
.3seclab.com/ Name: __gads
Value: ID=85f5c5c159c77a69:T=1705504204:RT=1705504204:S=ALNI_Mb93ZQYCJF9PNRrdD0nXxMvr4sL5w
.3seclab.com/ Name: __gpi
Value: UID=00000d43700928e7:T=1705504204:RT=1705504204:S=ALNI_MYzgamZlVuSn9boNcaAHLj5-qNlIw
.casalemedia.com/ Name: CMPS
Value: 2237
.adnxs.com/ Name: uuid2
Value: 3780468839494359802
.doubleclick.net/ Name: APC
Value: AfxxVi7WquEUXqYso5qCVFFOzvgEEfwHunrwte1g4Nc6Htj21J8xLA
.casalemedia.com/ Name: CMID
Value: ZaftzbSKeWwN67RCUif7OQAA
.casalemedia.com/ Name: CMPRO
Value: 2237
.doubleclick.net/ Name: IDE
Value: AHWqTUnA2rgQ8nIDlg1oG2I07JGsr4tNpqz5LXJd1By7AqgZvjCexMUjRn7BLi4bk5I
.adnxs.com/ Name: XANDR_PANID
Value: gfdm9kNndEWFF6rVcuYo79_R99smoOV3kSVTdnHcXymkRdgOBZwwR-FGHyqrFtllwRn6c8Wt9k0zmW1J5BglANang4sUf4YrR7MdiDnMIBY.
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Qvz3jc!]tbd8i_iqf!oN/@E'zz<*Z0QS0NV'gOCgQYK13k>UxjF<q-][n/oRpa-)w.TD._*PlZ[C[-kX-7$s)6
.yahoo.com/ Name: A3
Value: d=AQABBM7tp2UCEKjCQPhhKeinsSuh3d8kpikFEgEBAQE_qWWxZQAAAAAA_eMAAA&S=AQAAAsX83kPiYmbzTEDf8AWYAGw
.agkn.com/ Name: ab
Value: 0001%3A1jUjC8vJGTcWere5sAvkUNTl7SXlWg7G
.agkn.com/ Name: u
Value: C|0CEAtOqpOLTqqTgAAAAAAAQ13AQCAAQpAAAAAAA
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EEQBCQH2KoEA
.quantserve.com/ Name: mc
Value: 65a7edce-89560-ff1e5-1aa0f
.w55c.net/ Name: matchgoogle
Value: 5
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaftzgAPDiOs1wAM
.w55c.net/ Name: wfivefivec
Value: mHNJfmtS1Rq7ym5
.simpli.fi/ Name: suid
Value: 022B358611524395B72E3CFC9921E9EF
.tribalfusion.com/ Name: ANON_ID
Value: adntuJuyTYEBErv6XromjZbcETVVdrIJRKq9DjrLTbdVPnu2KkZdMSSuEdqUAcwZbQZa1EYgt1sUtQyEBuZapjcZcsVoOE
.googleadservices.com/ Name: ar_debug
Value: 1

2 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7052384650666721&output=html&h=280&slotname=8309648592&adk=3127313283&adf=97736722&pi=t.ma~as.8309648592&w=1200&fwrn=4&fwrnh=100&lmt=1705504204&rafmt=1&format=1200x280&url=https%3A%2F%2F3seclab.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705504204039&bpp=7&bdt=457&idt=330&shv=r20240116&mjsv=m202401110101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7814081595830&rume=1&frm=20&pv=1&ga_vid=440884274.1705504204&ga_sid=1705504204&ga_hid=1558612209&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=550&ady=3706&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31080431%2C95320892%2C95321627%2C95322163%2C95322325%2C31061691%2C31061692&oid=2&pvsid=593978333931182&tmod=1091228091&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=1152&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=334
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://dt.adsafeprotected.com/dt?advEntityId=1875473&asId=972324fa-d288-260c-671b-b32e16643e57&tv=%7Bc:1zuDOz,time:888,type:e,im:%7Bpci:%7Btdr:829%7D,pLoad:841%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:888,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B882~0%5D,as:%5B882~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:133,fm:u1DjQgr+11%7C12%7C131%7C141%7C142%7C151*.1875473-77671614%7C1511%7C1512%7C15131%7C1514%7C1611%7C1711%7C1712%7C1713%7C1811%7C1812%7C1813%7C1911%7C1912%7C1913,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:17,sis:433%7D&br=c
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3seclab.com
a.tribalfusion.com
ade.googlesyndication.com
ads.eu.criteo.com
ajax.googleapis.com
cat.nl3.eu.criteo.com
cdn.jsdelivr.net
cdn.rawgit.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
csm.eu.criteo.net
d.agkn.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
gum.criteo.com
ib.adnxs.com
imageproxy.eu.criteo.net
ka-f.fontawesome.com
kit.fontawesome.com
odr.mookie1.com
pagead2.googlesyndication.com
pm.w55c.net
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
sync-tm.everesttech.net
t1.daumcdn.net
tpc.googlesyndication.com
um.simpli.fi
user-images.githubusercontent.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googlecm.hit.gemius.pl
104.18.36.155
142.250.184.194
142.250.185.98
142.250.186.130
151.101.129.44
151.101.194.49
178.250.1.6
18.158.149.85
18.192.231.252
18.197.244.187
2001:4860:4802:32::36
216.58.206.34
2400:52e0:1e00::1081:1
2600:1f18:1aca:4282:d34e:2c1b:3408:57ec
2600:9000:223f:ba00:8:48e:53c0:93a1
2606:4700:4400::ac40:93bc
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700:e4::ac40:a407
2606:50c0:8000::154
2607:f8b0:400e:c03::78
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::200a
2a00:1450:4001:802::2001
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a02:2638:3::c
2a02:26f0:7100::1720:ee90
2a02:fa8:8806:20::2040
2a05:d018:d29:3601:fb9e:de5f:307d:4267
3.70.101.28
3.76.149.124
34.150.170.96
34.160.236.64
37.252.171.149
54.73.100.143
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03c1e188b884240e56a79c39b6918e16e9cfdf9b4ed4e84d5d8efe71fef778ae
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0646c9cc0553a4d577afee3cea3243f14bb8a5efe1940fdad72144346130e3d6
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a147c4ad6d7c25b8f8e60d007a049bcdfc63f9d250d56cf55bbc9ca88202297
0ad172fa0a6b2994671e3fc1fcbb4c6095871df345ee14de6e06a4c771b96ae3
0b5c28f4ec8eab536f573936aa731e9f4bf67f510cf86c6369d0469ec5a6ac16
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be287ca7f0489e9605b3ea6690cb4c0f124e0068209f5d6ed575e70dd1efee7
0de7c1baa53cac77e11a5e964537c7b2e020c1abd1f8eda3570444527900e197
118c896ee0da998013a6507f7510f9e430736412ef38571c24af9f0545510c8b
153b9c71df431376e7e82b2a07e232527d66b0bdd19660c177e19f78c77cf564
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a36bb8fc87d6ebbd8579170033ee9c926c731476bd7281f05431edd367e0a01
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1b7824d66fe6dd650f879ac215211ca528b26ea47f7537bfea0b9c338b48e413
1e602c28eb1cd6264b9d101f790d012aa35863dbe826beace0648a588b523fb4
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
25c076b9d2b3097de9315dcd24e09324921fa9a438254dfaf12fb4aa86ae87a6
2722765094819beab1a31ecf85b44298d6912c7f00a0716a573b7bfa9b96d99c
2a891dd66730225e7e9f4c9d6c4ec564a787e43d5e34c113a22566f78d0973d5
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
32bb6bb95ee0cfe00efcc89ac8aec81afa338173a5f8323653fab2ddc97e1849
33e6de7cfb3f4e549f0e126579ccc264c63f75503ebaed6bfe193e38ab603a89
3568df73646f1293690093987be25d4e1093490ffdaaae67f7df1e4cd24b3daa
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3b5c81d74cb3cd963e359ca75955b3e838091e2660f4a793fb898e37b0bd11bc
3b8e8b8ecb597ede4fe31689e6c8425d55b9001201cb381f40a72a027c093dd7
3d4b70074eb7d712dfe4dcb2c20473bc5bb8d9de71e7cddf63345963d3008f0e
3fd13aa5309882955edefa1157aab289e1542b6cac5b258f7a486ef88ed1d876
417d6eb8c5360add5b64962d7645178b396f12542c18ffcdee5690dcfc3ccb56
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4795994cb8db38d3b5982cbcd138a654f7a96bd6b4ca2d0b3b33b819610e253d
493233eed7ae56c3ebdbda84aa21a05198a1af8d23ae7beac97152d6aa0abf38
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cff944fa0c249af468fe287e9e55f04a601f6b010eb93883bd3950549b4677a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d960d962ad82e978743dd80842b508aa661a3c6a982ce9797a28904d79d2495
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
503c8931cb5a8d976b52e148531fd9d93c8111df465df51226e01e858dc82f3a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557db5123dcc2dce86e6af5a6279d127562748d5add45a6dd68ac06309a6d56e
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ee9510e78623f5fd1309067dc6e7a15f70d48e23e5658a0aa81be100ad232b
5668fb08dc7b010e78933a488a9352bce5c049739ec0c765f9146d47880ae21c
5828ff27c35c12c94d0d8b3cdfd77b28606034437c009902d28cf7f5bcb6a907
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
59196f295fdadd3391cfbb187fef654f77ae385d6f8555c588963b521b1a98a8
5971ff70f5dc3090e3f6d9ce048abb0f5d9c9ac8f871804aa3ead0f868768564
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd90aa1cd1fcc9983fde36f1ea8cdd002f5b80bb12d6b3db9c9b3f22e362351
6005e56ab3043d83726d25b0d17458e35b72355a81ca3230cc9de9058ee8b1f0
6044993035a5c3b9ae5ae01dbd877ae12c7db7b9ce14537c9ba74149dc89c063
60bbd198b164ded548ef31bd866000fa0076524b15a1dfe3e2e5f50e1874ba69
619fdeaed027f4e2b96cb82baa60c9c6615e7b24172f08eed907e617537171e1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d8e57ac9942eeefb1d01232cc721f5a059607dfb5272c0bd259397beb1550c
68823139906c0cb7f53b790ec44c83511ae580884759f103fa25322548c53d8a
693971948a7c61c749e3d153c5a5210bde0b82e949b984c6455754170e1ff81e
6aee84ab9563e65f689c6d05b07d5da21a8d34a04dba07b68fc557eeb9668452
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6ec02d6a5d3091b1f85eff855d277d63ece9f09ac05a8458f0d2fa0f8a936ea1
6f53e834474e33540f149e24fb765f3ccbb808b07c2e650ae1aafdb165611c15
70c4f56f8e13e9387d9c65b17636a678eb6ccf82a8255cb1d2eb9192f7e478bb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72afec3698db07b794eebd045a464c969c7e4a0fbbd7cacc64ea63a41c2554f4
741439021c6759db793fd978c0028df74867e8671d048da5b06f05d875a3b4d0
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7b43a44f0f7c4f1a4096d544d5722abcbc099f8e963aac2fd6be34d62dd8f311
7d49863a484344c6ebf94f660baeea6cd41b4423cdc92fea215e807d166e99d5
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
8225101a9126f083f13d195309b9ac0250a44f2614240c2bf99575135d41cc2a
846dbf808016b540ed729ead9df2f8383bb04c9ccf9d579f5fcac922cbd53e01
8813fcb15abbbd087e06127a9a31efeaf6a73a842c4571a29d54c98a967fb6ea
8a746b54d9607284603c4b6d8ffdb8ee004ce3d3cd7d431801c42436ee9d3572
8de4807f45fda8584ee495db10f1cd0bf31e1921d44db07219413aefac97a599
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
91646ad7616b3dc8e741bba8115e98c73478008c31d0c4ccc124adb057af98c6
96ba8dcd11d2e05a343a7dfe34dbae7c1fb48cda32eec0532d006b0ef2e20e37
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98ea92621a1e03efc11987fba7aff5dae88cd39ffa85960a627b7c8c7b002e8e
99589eed955e57d3afcd0579de31b576b7b6aa69e9dcf68b89be8758333c73a2
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d4fcb4aa905905b607e24ad048a59dbb263c61a5ec3801df124d9afc2349220
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9eb3bf3e8c6ea320509db483e9e683ef91b7cbd05243f4b5768c4e315680aea1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c8d4c4f851bc762ff462329786060fc683b9ac19e857cc9426e95771b648a6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a92dec929dbc475595813bb3f15358141c995a581ae241190dc472c898046cb9
ae0ae6525aa03acf684cc54443f6bb25006f81e2bb9b45c2b06e6b4d05ad24af
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5be0732ab1cc16692e165a7950810f0c772e400f6a2f63e1026a0b938016813
b61357b10f6ecbaa86914307307d2bbd03939ad047661b33722ea8aa2b08efb4
b92e3b279a432124a580b446aa03604a19e0ce77bf5d3449420281068b069e27
bbebb6b5589a2b23572a79aef21e82a63632d23aad06cef36c5941170961009a
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c03f6158c284d3307c734ac656acfa057ff7db01064ff75aaf340568921de738
c079199a5435fa99db800056db5eaf70effb0229c4440048016a325996678094
c0b9241b80d62fb8c916c74e58c2f6ab6613dcff3c4d57a248ddac950a389bc8
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c569682705465762d14563bf726433c8567982e4b82f6d557d0f51b8725b5e97
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
cab592df2cdafc6691a72631ba50837628b535989afb2ef1d98d3819838d60ec
ce3226a134c0d881ca75d7d39878a259693effa7596c6abc27f0202bd37aab31
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d101da11bbbc29d5ab5fb660f968a4d49f63b25ce66577d10ec7bb8e576f9ab4
d2f739ccd0f4015ddd8911da46f0e54d9e5873313e11382fef9d16d6e4fb1cdd
d3052d320ab4ea5d273b5446b3735e1ad0591616347401b9321051ba8a73997e
d4cf1fe6c222ce1c7d4e211a77e04119655e2b630d8fd74cd9ec88e9e205d8b1
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d621f700fc53936c24ba89acc2c9990fe9ab9f8278b999dbe86c35776bf55145
d7775ada10d4dbfbc3e7e6ff4b39986211d5270dfc3aec91f9b8c9eb488d363d
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
da10d8b8587c8c2f57b549a436dff23e35c7ba130d315e39be083470275b47fc
db05e489350f13fb0929666ca6ca5bdb7958fe730494614532499ed08b95930b
db2a0a3f32617aa69bf04a9c1ac37a7e2c6e9801af79bb11f25c1f4f5ec45bb7
deedd1a5bf2243d12d0393fe733a3637c5da52d9afcce74e9f11e905c865c67d
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8db9866a2f31276fbad78de2dee127539b8248b1d50bc0e00c940ebc3a286e6
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
e9a94e6a13c292358a9913fc16737eaaea42b230be6ac212e6bf99b41408ef33
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff7ff2359783849ffbde9a53c7243fb15a82e7aca5c9f9ceeb8f48b2adf1e6c
f10d5bdd8d60943848d514b3aa6e7d4d663e669069c8ed946ff4ed262a288a07
f212cb39e6ab513d00fd32320d69f2f8841fa3175b2f9735b910fa818d9218be
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6adb794eda0e31a163ed517d8e63d388dbb762031a189349c72af2bc37bb4f2
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda