www.linktobox.com Open in urlscan Pro
2606:4700::6812:72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tinyurl.com/4u5s29r7
Effective URL:
https://www.linktobox.com/a/d/Mu5HVLi
Submission: On July 24 via manual (July 24th 2023, 5:22:47 pm UTC) from SA — Scanned from DE

Summary HTTP 107 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 15 domains to perform 107 HTTP transactions. The main IP is 2606:4700::6812:72, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.linktobox.com.
TLS certificate: Issued by GTS CA 1P5 on June 4th 2023. Valid for: 3 months.

This is the only time www.linktobox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6814:8b41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700::68... 2606:4700::6812:103f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2606:4700::68... 2606:4700::6812:72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
19	2606:4700::68... 2606:4700::6812:172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
15	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	47.74.232.58 47.74.232.58	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2606:4700::68... 2606:4700::6812:1eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4005:811::2003	15169 (GOOGLE) (GOOGLE)
1	173.194.76.156 173.194.76.156	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:1d::7	15169 (GOOGLE) (GOOGLE)
107	18

1 2606:4700:10::6814:8b41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

tinyurl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:103f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lktbx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:72 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

linktobox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linktobox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700::6812:172 (United States)

ASN13335 (CLOUDFLARENET, US)

www.linktobox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 6 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.74.232.58 (Singapore)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

log.sharemusic5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

avatar.fuplink.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4005:811::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.156 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:1d::7 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r2---sn-4g5lznle.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 tpc.googlesyndication.com — Cisco Umbrella Rank: 153	492 KB
25	linktobox.com 1 redirects linktobox.com www.linktobox.com	997 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56 bid.g.doubleclick.net — Cisco Umbrella Rank: 743	127 KB
8	yandex.com 4 redirects mc.yandex.com — Cisco Umbrella Rank: 11187	3 KB
7	gstatic.com www.gstatic.com csi.gstatic.com	23 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82 imasdk.googleapis.com — Cisco Umbrella Rank: 510	135 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 4002	75 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1160 r2---sn-4g5lznle.c.2mdn.net	961 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	169 KB
1	fuplink.net avatar.fuplink.net — Cisco Umbrella Rank: 793848	5 KB
1	sharemusic5.com log.sharemusic5.com — Cisco Umbrella Rank: 84416	179 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1178	606 B
1	lktbx.com 1 redirects lktbx.com	162 B
1	tinyurl.com 1 redirects tinyurl.com — Cisco Umbrella Rank: 17979	524 B
107	15

	Domain	Requested by
24	www.linktobox.com	www.linktobox.com
23	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com
17	pagead2.googlesyndication.com	www.linktobox.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	mc.yandex.com	4 redirects www.linktobox.com
4	csi.gstatic.com	imasdk.googleapis.com
4	www.google.com	3 redirects tpc.googlesyndication.com
4	mc.yandex.ru	2 redirects www.linktobox.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net
2	r2---sn-4g5lznle.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	avatar.fuplink.net	www.linktobox.com
1	log.sharemusic5.com	www.linktobox.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	linktobox.com	1 redirects
1	lktbx.com	1 redirects
1	tinyurl.com	1 redirects
107	21

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
linktobox.com GTS CA 1P5	`2023-06-04` - `2023-09-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
sharemusic5.com ZeroSSL RSA Domain Secure Site CA	`2023-05-04` - `2023-08-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-28` - `2023-11-28`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-07-11` - `2023-09-19`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.linktobox.com/a/d/Mu5HVLi
Frame ID: 95030418D1A76D85963C8FB76AFFF550
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html
Frame ID: E29555F92B42D0B0B5768CD514F2C3A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248666120992444&output=html&adk=1812271804&adf=3025194257&lmt=1690219360&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690219360957&bpp=8&bdt=530&idt=249&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=167826253924&frm=20&pv=2&ga_vid=732159558.1690219361&ga_sid=1690219361&ga_hid=1761318810&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076342%2C44788442%2C44796827%2C44797786&oid=2&pvsid=2943535127515376&tmod=589971265&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266
Frame ID: CD2C027318E3EAC7A58FD6D0DD0BAA18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: F5D70A9C2159C01C1CB6E24AE68069F5
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0A5C779E8AE5A94E5788A5E6F35207AF
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1C6759A0E3372C648E2E0ED26EDBFB15
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7E179D15806422BED47ABE72B0B8D978
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F6CE7998BFABD3C238EEA0A7E9DFDF47
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DF286270A73A9CEFD3FB2A2CC61E96EB
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E9C3D2FB2999110EDCB421459F6E2AD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 27DE80697537400E69BA60CC9C1DF227
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js
Frame ID: D8DC15D1CF7EDFFB9A197A4F9875867C
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CAA2048034E975B43B5DA4B449158614
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js
Frame ID: 159E2221B2C3963C0C30C27E98ECF8D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js
Frame ID: CB158DFF47B827ED0ECA6211DE010943
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js
Frame ID: F656263AA16786DAC6698D63B12FCB26
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D6749647BA5413D75363A856C27B3322
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TeleBox

Page URL History Show full URLs

https://tinyurl.com/4u5s29r7 HTTP 301
https://lktbx.com/d/Mu5HVLi HTTP 302
https://linktobox.com/a/d/Mu5HVLi HTTP 301
https://www.linktobox.com/a/d/Mu5HVLi Page URL

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

107
Requests

96 %
HTTPS

90 %
IPv6

15
Domains

21
Subdomains

18
IPs

4
Countries

2025 kB
Transfer

6383 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.linkbox.plus.android&referrer=utm_source%3DOfficical%26utm_campaign%3Dgp
Title: Install App

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tinyurl.com/4u5s29r7 HTTP 301
https://lktbx.com/d/Mu5HVLi HTTP 302
https://linktobox.com/a/d/Mu5HVLi HTTP 301
https://www.linktobox.com/a/d/Mu5HVLi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10074.feSeYYbtlyFaxeFa2JKJZLkM641jK6G3LPKgZkzgFFkDJl6arfHe0RgV-47K4lkn.H33Sk--ONcyLoV7VYq9WovtkXnU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10074.aC_jwCj-NfXbLXHhUHgp4YcTwYWUCo_-N7H5F0eEqLLWoqfl8EuQclmBEpsYY5KuOxGoypY0gLdeMsYhalzC7_HQuZKUW6RfU2-tWnRUb8k%2C.yZZVO_ZcRSRRusFd_ztq5o0MNNI%2C

Request Chain 26

https://mc.yandex.com/watch/88583577?wmode=7&page-url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1021236476241%3Ahid%3A482009424%3Az%3A0%3Ai%3A20230724172241%3Aet%3A1690219361%3Ac%3A1%3Arn%3A182576923%3Au%3A1690219361450535846%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1690219358834%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690219361%3At%3ATeleBox&t=gdpr(14)clc(0-0-0)aw(1)ti(1) HTTP 302
https://mc.yandex.com/watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1021236476241%3Ahid%3A482009424%3Az%3A0%3Ai%3A20230724172241%3Aet%3A1690219361%3Ac%3A1%3Arn%3A182576923%3Au%3A1690219361450535846%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1690219358834%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690219361%3At%3ATeleBox&t=gdpr%2814%29clc%280-0-0%29aw%281%29ti%281%29

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10074.al0YK9aS9h0ph63X7OUtMqsH8zOkvxO7zwA4OseDFSNoqdNZzwCH9nW4ddNQeaRI.C4uCB1kTk28yJbG_YB4i1OF0wJ8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10074.5q8Zbn3sQvvx2Pi5d1JqIjMHGGXeAe1nXq0CGi4jMZmt9XWBBPPWyFHtZOJ7T6h6wrVkblN9fxSDEwQ8yNFYN2PCB783Ts3HzQ9qHyDeXv0%2C.LV0n_OG-E78upHZuQz2qvyFQDT0%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10074.l4oZcJfyRNXEDmGn9jBtO9Ja4lgt0h__Me8otB8cgPRXSKPYmI4nJMlfIDwFclxUI4YngFkDlfFSn4BzlewVnWSr-1k1EDj_2q-yUulNrcpoh8WTJmqJWW_o-2Y41UUSD__J8M3o7k7M_DkLK8xhUe4gHCZuF-GbRl_8RMquW9zvQs2mGDqilgCLnU-KkkatyA554EpDk5zi737OLNKLdw%2C%2C.PjmjtJii3_NbQlibvcJuBF11DNE%2C

Request Chain 80

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 98

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://gcdn.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8A69C76B0C064953334EB7520CFFE1BA18577280.42190D627A00759398E6947F9926AC7424E9865A/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-4g5lznle.c.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/B08BFDD525A5DBF856DC9FB38D8E4C7639A5AB.6DE4F45EE222133EEB3AB2473972F1CFC9C8F2DB/key/cms1/cms_redirect/yes/mh/IK/mip/2001:1b60:1010:2:1012:8bfa:690c:329e/mm/42/mn/sn-4g5lznle/ms/onc/mt/1690219017/mv/m/mvi/2/pl/29/file/file.mp4

107 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Mu5HVLi Show response
www.linktobox.com/a/d/
Redirect Chain

https://tinyurl.com/4u5s29r7
https://lktbx.com/d/Mu5HVLi
https://linktobox.com/a/d/Mu5HVLi
https://www.linktobox.com/a/d/Mu5HVLi

3 KB
1 KB

239ms
217ms

Document
text/html

2606:4700::6812:72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd957bcbf630c865a035622c7d1cb1bd999a5e52fcea653719f710b224860714

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: MISS
cf-ray: 7ebdd8b95e90361d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 24 Jul 2023 17:22:40 GMT
expires: Mon, 24 Jul 2023 21:22:40 GMT
last-modified: Mon, 24 Jul 2023 17:22:40 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 7ebdd8b90e0c361d-FRA
date: Mon, 24 Jul 2023 17:22:40 GMT
expires: Mon, 24 Jul 2023 18:22:40 GMT
location: https://www.linktobox.com/a/d/Mu5HVLi
server: cloudflare
vary: Accept-Encoding

GET
H2 200 performance-sdk.js Show response
www.linktobox.com/lib/ 12 KB
4 KB 218ms
209ms Script
application/javascript 2606:4700::6812:72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/lib/performance-sdk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175b28f718ff7884f1888724e41e572ce8dcfd4c92dea9e839e6fc88ee655689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 19 Jul 2023 10:21:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8bac8eb361d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:40 GMT

GET
H2 200 performance-init.js Show response
www.linktobox.com/lib/ 97 B
194 B 215ms
207ms Script
application/javascript 2606:4700::6812:72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/lib/performance-init.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a239e950d8a4031a97e60456b411224e739d457f0372d5e3555d0b7b99737d8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 19 Jul 2023 10:21:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8bac8f3361d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:40 GMT

GET
H2 200 collection-log.js Show response
www.linktobox.com/lib/ 14 KB
5 KB 347ms
346ms Script
application/javascript 2606:4700::6812:72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/lib/collection-log.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6a7c52a2a3ccf340a31c4d570fed3dd80861a5417e769d139ae02183bce06e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 19 Jul 2023 10:21:35 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8bac8f7361d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 129ms
75ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248666120992444

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ac221a9c2308990a33c9d0ac03537c0cea7091b7bc913156ca8ee310f77fbd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Origin: https://www.linktobox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50744
x-xss-protection: 0
server: cafe
etag: 15156042588084624833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:22:40 GMT

GET
H3 200 main.cbe2cdbf.js Show response
www.linktobox.com/static/js/ 2 MB
527 KB 45ms
44ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a60f1a2c93e36a7c08ba4b670f55137ba6598d7d314a6521e1b0a8129b706e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8bced7f1cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:40 GMT

GET
H2 200 main.84c01ad4.css
www.linktobox.com/static/css/ 652 KB
88 KB 274ms
273ms Stylesheet
text/css 2606:4700::6812:72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/css/main.84c01ad4.css
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7eb034447b38f15ea0d639612f9bab65ac99d50e691df79a2f8ef162583b126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:40 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 19 Jul 2023 10:21:34 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8bac8ef361d-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:40 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 215 KB
74 KB 288ms
138ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

5409164b5daa69ef292b0c866658ebbafbfe1828bb13660f9e650e1ac1799da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jul 2023 14:51:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64be65ba-12458"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 74840
expires: Mon, 24 Jul 2023 18:22:40 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ 360 KB
123 KB 143ms
96ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8248666120992444&plah=www.linktobox.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248666120992444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4115b756d6bc2467be4def348f642d01e8bf8d2bcdc7a31ba79b009c4ba41fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126222
x-xss-protection: 0
server: cafe
etag: 1125921900362500539
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:22:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/ Frame E295 10 KB
5 KB 75ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248666120992444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23824
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 10:45:37 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 10:45:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ascribe Show response
www.linktobox.com/api/file/ 105 B
224 B 203ms
203ms XHR
application/json 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/api/file/ascribe?shareToken=Mu5HVLi&itemId=&dirId=&platform=web&pf=web&lan=en
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8fb5bd3c9bb3723dd19019b3bc93c353164ee42d8bc21ec0d554a12786f3d80

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.linktobox.com/a/d/Mu5HVLi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ebdd8bec8e81cb9-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/json; charset=utf-8

GET
H3 200 info Show response
www.linktobox.com/api/user/ 40 B
173 B 202ms
202ms Fetch
application/json 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/api/user/info?token=null
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8cd5d44ff898a4b1c2af1d9ad23acaa88356265a25e1420b0fc6786995cfa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ebdd8bec8f81cb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 40
content-type: application/json; charset=utf-8

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10074.feSeYYbtlyFaxeFa2JKJZLkM641jK6G3LPKgZkzgFFkDJl6arfHe0RgV-47K4lkn.H33Sk--ONcyLoV7VYq9WovtkXnU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10074.aC_jwCj-NfXbLXHhUHgp4YcTwYWUCo_-N7H5F0eEqLLWoqfl8EuQclmBEpsYY5KuOxGoypY0gLdeMsYhalzC7_HQuZKUW6RfU2-tWnRUb8k%2C.yZZVO_ZcRSRRusFd_ztq5o0MNNI%2C

43 B
67 B

81ms
81ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10074.aC_jwCj-NfXbLXHhUHgp4YcTwYWUCo_-N7H5F0eEqLLWoqfl8EuQclmBEpsYY5KuOxGoypY0gLdeMsYhalzC7_HQuZKUW6RfU2-tWnRUb8k%2C.yZZVO_ZcRSRRusFd_ztq5o0MNNI%2C

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10074.aC_jwCj-NfXbLXHhUHgp4YcTwYWUCo_-N7H5F0eEqLLWoqfl8EuQclmBEpsYY5KuOxGoypY0gLdeMsYhalzC7_HQuZKUW6RfU2-tWnRUb8k%2C.yZZVO_ZcRSRRusFd_ztq5o0MNNI%2C
date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
162 B 70ms
70ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24 Jul 2023 14:51:22 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64be65ba-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 24 Jul 2023 18:22:41 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 137ms
29ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.linktobox.com&callback=_gfp_s_&client=ca-pub-8248666120992444

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8248666120992444&plah=www.linktobox.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0240f1c738c7df8079d3f1469452a08b72a8c39b63d5be262cf8d63fd6755ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD2C 472 KB
87 KB 987ms
983ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248666120992444&output=html&adk=1812271804&adf=3025194257&lmt=1690219360&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690219360957&bpp=8&bdt=530&idt=249&shv=r20230719&mjsv=m202307180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=167826253924&frm=20&pv=2&ga_vid=732159558.1690219361&ga_sid=1690219361&ga_hid=1761318810&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759876%2C44759927%2C31076342%2C44788442%2C44796827%2C44797786&oid=2&pvsid=2943535127515376&tmod=589971265&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=266

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c548450889bae41dacdcd58e3f43eeda8d1cda4ac857945bb5c5d46e9040c28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 89268
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:42 GMT
expires: Mon, 24 Jul 2023 17:22:42 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1220.b3cd2300.chunk.js Show response
www.linktobox.com/static/js/ 58 KB
18 KB 37ms
37ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/1220.b3cd2300.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dedaaf36fcc069f97351032cd7d04ef07a5a117e1af8f74dd5e36d21d02a15fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:35 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b1d1cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 1930.6ffb9e3b.chunk.js Show response
www.linktobox.com/static/js/ 74 KB
19 KB 42ms
42ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/1930.6ffb9e3b.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0647849e545b416e10147c05434eb8dc002b2278e2f13153a3a4381634407224

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:35 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b1e1cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 4763.82f25004.chunk.js Show response
www.linktobox.com/static/js/ 33 KB
25 KB 31ms
31ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/4763.82f25004.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5276ce765b43635355a6f015488309ce0f6ecebea882b8b9c7f894ae3587a2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b201cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 4158.4c9951fb.chunk.js Show response
www.linktobox.com/static/js/ 152 KB
101 KB 35ms
35ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/4158.4c9951fb.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24616281a4d30958fbbb4302b41d04f8d0b31aeeb232d2474b2866cf15293fd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b211cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 9406.3353cfae.chunk.css
www.linktobox.com/static/css/ 25 KB
4 KB 34ms
34ms Stylesheet
text/css 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/css/9406.3353cfae.chunk.css
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa84a1b49a11f80a2c1633a5e4d696a9976bcfa33a7e097f0bfbccba12c3d35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b231cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 9406.a8968feb.chunk.js Show response
www.linktobox.com/static/js/ 32 KB
16 KB 39ms
38ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/9406.a8968feb.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61530dcfb6019d437486c69e7b414775bf952c48d993480d44de293bf850001f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b261cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 3904.c25e72cf.chunk.js Show response
www.linktobox.com/static/js/ 12 KB
4 KB 30ms
29ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/3904.c25e72cf.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5a2a077139ef4d497ef514d6e7dee296112b9fac854fb9137d4feca248c748

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 1076
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b281cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 8572.2575ac80.chunk.css
www.linktobox.com/static/css/ 20 KB
4 KB 38ms
37ms Stylesheet
text/css 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/css/8572.2575ac80.chunk.css
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34ab6374c8d0a70eb092db4e53106629b7195304ebb84a8c3a7fe870673e47b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b2a1cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 8572.22624bd7.chunk.js Show response
www.linktobox.com/static/js/ 21 KB
8 KB 37ms
37ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/8572.22624bd7.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8d2b86a81144e62374dffa09b3f41c12224f930d0fe24d1e29687dfab05c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:35 GMT
server: cloudflare
age: 2038
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b2c1cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 6146.6e6fac48.chunk.css
www.linktobox.com/static/css/ 3 KB
944 B 212ms
212ms Stylesheet
text/css 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/css/6146.6e6fac48.chunk.css
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 258c12b5985008d2e9d4673e23be0b994c76551a74dfd914e55a83c16daf5629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b2d1cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H3 200 6146.2add2a1c.chunk.js Show response
www.linktobox.com/static/js/ 7 KB
3 KB 199ms
198ms Script
application/javascript 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/static/js/6146.2add2a1c.chunk.js
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/static/js/main.cbe2cdbf.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b6bd03146f325ba839200df976c4e16004aa752d24e34809d37633119f162c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7ebdd8c01b2e1cb9-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/88583577/
Redirect Chain

https://mc.yandex.com/watch/88583577?wmode=7&page-url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afu%...
https://mc.yandex.com/watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Af...

435 B
518 B

73ms
73ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1021236476241%3Ahid%3A482009424%3Az%3A0%3Ai%3A20230724172241%3Aet%3A1690219361%3Ac%3A1%3Arn%3A182576923%3Au%3A1690219361450535846%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1690219358834%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690219361%3At%3ATeleBox&t=gdpr%2814%29clc%280-0-0%29aw%281%29ti%281%29

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a8229e87b0c6f109c721a158289507efce14ddd0dc7db02d5729738881279893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 24-Jul-2023 17:22:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.linktobox.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 24-Jul-2023 17:22:41 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24-Jul-2023 17:22:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A0%3Als%3A1021236476241%3Ahid%3A482009424%3Az%3A0%3Ai%3A20230724172241%3Aet%3A1690219361%3Ac%3A1%3Arn%3A182576923%3Au%3A1690219361450535846%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1690219358834%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690219361%3At%3ATeleBox&t=gdpr%2814%29clc%280-0-0%29aw%281%29ti%281%29
access-control-allow-origin: https://www.linktobox.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 24-Jul-2023 17:22:41 GMT

GET
H3 200 / Show response
www.linktobox.com/api/file/share_out_list/ 3 KB
697 B 214ms
214ms XHR
application/json 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/api/file/share_out_list/?sortField=name&sortAsc=1&pageNo=1&pageSize=50&shareToken=Mu5HVLi&pid=0&scene=comList&needTpInfo=1&platform=web&pf=web&lan=en
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19068acee65114219e32aa63c0c51ae21046068e667790a1d0aa5ca0e5cff30d

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.linktobox.com/a/d/Mu5HVLi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ebdd8c1adc31cb9-FRA
alt-svc: h3=":443"; ma=86400
content-type: application/json; charset=utf-8

POST
H2 200 pushlog_sdk Show response
log.sharemusic5.com/ 23 B
179 B 624ms
198ms XHR
application/json 47.74.232.58
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://log.sharemusic5.com/pushlog_sdk
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.74.232.58 , Singapore, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: 6975ee44fc78b3490483b31a83e36b95273edf236de67f71d4d3809d9815b3da

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Mon, 24 Jul 2023 17:22:42 GMT
stime: 1690219362
content-length: 23
access-control-allow-methods: GET,POST,OPTIONS
content-type: application/json; charset=utf-8

GET
H3 200 folder_base_info Show response
www.linktobox.com/api/file/ 22 B
155 B 202ms
202ms XHR
application/json 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/api/file/folder_base_info?dirId=0&platform=web&pf=web&lan=en
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5abb22204e625f554860d0e7f86479098840d624d92896159ca9ec5720602822

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.linktobox.com/a/d/Mu5HVLi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ebdd8c1adc91cb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 22
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffb7bfb84afcc682549e04af5054b939857c41ff32f58cde2832d95f3a0a7935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21240fb81d6d995dd3024f6bdf399c6d35c85edd9b730a77d531036ad0cd739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en-pc.ce44de94a22312d06bfa.png
www.linktobox.com/static/media/ 138 KB
138 KB 40ms
40ms Image
image/png 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.linktobox.com/static/media/en-pc.ce44de94a22312d06bfa.png
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38cbf50e3a1eec659a5287bcb47e8db8a2a80f784496aa2494ee933f1661d185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
cf-cache-status: HIT
last-modified: Wed, 19 Jul 2023 10:21:35 GMT
server: cloudflare
age: 2037
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7ebdd8c1add01cb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 141193
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a661ebffee30ead37a309677384cbb265f36220427459933d65603481e5fcb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 473 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 944c85e840998eabee1edf5686912feb4112f2e29239093926e5d9e028ea5597

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 309 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 458cf182ae79b54da2ac7388b49b1c9f04723777f017d26c4ccf31d63a10e26d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bg.d50c23467e88e5ee66b6.png
www.linktobox.com/static/media/ 28 KB
28 KB 30ms
30ms Image
image/png 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.linktobox.com/static/media/bg.d50c23467e88e5ee66b6.png
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493b1cea6b441409f701f77058eca25515be893b3ba3f0b5094aeeb32dee8192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 19 Jul 2023 10:21:33 GMT
server: cloudflare
age: 2037
cf-polished: status=not_needed
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7ebdd8c1add41cb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28713
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
DATA 200
OK truncated
/ 475 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21ec3a050bfccff132ee71df91e742566c3eddefb712ae00de74cddbc1f4ec45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1760e4811565b6ecf850b4aa9f0d8e73b297c53052e171031f591b5a65d079c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10074.al0YK9aS9h0ph63X7OUtMqsH8zOkvxO7zwA4OseDFSNoqdNZzwCH9nW4ddNQeaRI.C4uCB1kTk28yJbG_YB4i1OF0wJ8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10074.5q8Zbn3sQvvx2Pi5d1JqIjMHGGXeAe1nXq0CGi4jMZmt9XWBBPPWyFHtZOJ7T6h6wrVkblN9fxSDEwQ8yNFYN2PCB783Ts3HzQ9qHyDeXv0%2C.LV0n_OG-E78upHZuQz2qvyFQDT0%2C
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10074.l4oZcJfyRNXEDmGn9jBtO9Ja4lgt0h__Me8otB8cgPRXSKPYmI4nJMlfIDwFclxUI4YngFkDlfFSn4BzlewVnWSr-1k1EDj_2q-yUulNrcpoh...

43 B
403 B

74ms
73ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10074.l4oZcJfyRNXEDmGn9jBtO9Ja4lgt0h__Me8otB8cgPRXSKPYmI4nJMlfIDwFclxUI4YngFkDlfFSn4BzlewVnWSr-1k1EDj_2q-yUulNrcpoh8WTJmqJWW_o-2Y41UUSD__J8M3o7k7M_DkLK8xhUe4gHCZuF-GbRl_8RMquW9zvQs2mGDqilgCLnU-KkkatyA554EpDk5zi737OLNKLdw%2C%2C.PjmjtJii3_NbQlibvcJuBF11DNE%2C

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10074.l4oZcJfyRNXEDmGn9jBtO9Ja4lgt0h__Me8otB8cgPRXSKPYmI4nJMlfIDwFclxUI4YngFkDlfFSn4BzlewVnWSr-1k1EDj_2q-yUulNrcpoh8WTJmqJWW_o-2Y41UUSD__J8M3o7k7M_DkLK8xhUe4gHCZuF-GbRl_8RMquW9zvQs2mGDqilgCLnU-KkkatyA554EpDk5zi737OLNKLdw%2C%2C.PjmjtJii3_NbQlibvcJuBF11DNE%2C
date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06e04c9f56e42559f29238c28fbee2d293b1964763978cdefebe0e316ffca1b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 201448726
avatar.fuplink.net/avatar/ 4 KB
5 KB 121ms
32ms Image
image/png 2606:4700::6812:1eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatar.fuplink.net/avatar/201448726?x-image-process=style/fixed_150
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/a/d/Mu5HVLi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4311fe09e80fd30bb9f522ac136a87b0ebf1c6f1534487902f0e417be367f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-oef-request-id: 39343939313166343435313a3234332e3233343a
date: Mon, 24 Jul 2023 17:22:41 GMT
cf-cache-status: HIT
age: 1849
x-obs-request-id: 0000018988D07D65B19A4684F7CDA208
alt-svc: h3=":443"; ma=86400
content-length: 4348
x-request-id: 39343939313166343435313a3234332e3233343a
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSGuWXXXDLH/p7luvvpJZrXcyjHpwWLC
server: cloudflare
etag: 2bec7691679ec8936d8f0f3671f383c6
vary: Accept-Encoding
x-transcode-length: 2633
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 7ebdd8c3cd559b64-FRA
expires: Mon, 24 Jul 2023 21:22:41 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2891a69970e773377873a5f58abdec0b23cb69e51fe30e7f46de97167126d87b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 88583577 Show response
mc.yandex.com/watch/ 43 B
406 B 69ms
69ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88583577?page-url=https%3A%2F%2Fwww.linktobox.com%2Fa%2Fd%2FMu5HVLi&charset=utf-8&hittoken=1690219361_3d01b92fef0617d39a438907d6a3cd39ddb6df5d77af24e8a05cbf47234b1c6c&browser-info=pv%3A1%3Aar%3A1%3Avf%3A7h8dgiykw9ep6c3ao218h5r%3Afp%3A2723%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1082%3Acn%3A1%3Adp%3A1%3Als%3A1021236476241%3Ahid%3A482009424%3Az%3A0%3Ai%3A20230724172241%3Aet%3A1690219362%3Ac%3A1%3Arn%3A136436254%3Arqn%3A1%3Au%3A1690219361450535846%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C217%2C1%2C1351%2C0%2C%2C373%2C0%2C%2C%2C%2C2239%3Aco%3A0%3Acpf%3A1%3Ans%3A1690219358834%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1690219362%3At%3ATeleBox&t=gdpr(14)mc(h-1)clc(0-0-0)rqnt(1)lt(22300)aw(1)ti(1)

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:41 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 24-Jul-2023 17:22:41 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://www.linktobox.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 24-Jul-2023 17:22:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env

Requested by

Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b258b7feabd67cd58f2c9b0d4aff0f380740c7d98e4221735bb0377f70e17aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11890
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/ 154 KB
52 KB 127ms
127ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307180101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97b5b06c6154e3923d44e37fecde623d498c26d896562ec26c0cdc8e92379085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53559
x-xss-protection: 0
server: cafe
etag: 14875593044202228425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 84ms
34ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame F5D7 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 14:06:49 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 14:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 0A5C 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 14:06:49 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 14:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 1C67 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 14:06:49 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 14:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/ Frame 7E17 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 14:06:49 GMT
etag: 12368291122986407432
expires: Mon, 07 Aug 2023 14:06:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F5D7 4 KB
1 KB 89ms
35ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 16:45:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame F5D7 14 KB
6 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f803b0618ea52f745b0c0426a63781fad8d07009a8941a6058230fd9b126a4b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 04:18:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47043
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6364
x-xss-protection: 0
server: cafe
etag: 15519008266486477248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 04:18:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/ Frame F5D7 20 KB
9 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 17:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8607
x-xss-protection: 0
server: cafe
etag: 1206383197409669553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 17:54:14 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F6CE 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:19:39 GMT
expires: Tue, 23 Jul 2024 17:19:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DF28 783 B
1 KB 82ms
31ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9ab993cd8c120834d195c2ac79404fddcedd32dc40f72c0d151612144f662b21

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EYSiw98PjaZ1Vs555eOU3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-EYSiw98PjaZ1Vs555eOU3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:42 GMT
expires: Mon, 24 Jul 2023 17:22:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 0A5C 23 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E9C 143 B
166 B 22ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0A5C 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:05:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0A5C 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H2 200 17710453794560484844
tpc.googlesyndication.com/simgad/ Frame 0A5C 14 KB
14 KB 32ms
31ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17710453794560484844?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmgypG-hfrU3GuBBNdeWRCcZNXmEg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfc87e9fba5bcf0d4bfaf39661fd4cceb65e0af862cefdaaed6a3756bc0be543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 11:41:44 GMT
x-content-type-options: nosniff
age: 366058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13881
x-xss-protection: 0
last-modified: Tue, 18 Aug 2015 01:46:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 11:41:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A5C 179 KB
57 KB 134ms
66ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 0A5C 33 KB
13 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d81ba9baa3db58495b4264c97c8b6e305a06291711e8ffb03cd28695ac9eb897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13558
x-xss-protection: 0
server: cafe
etag: 8057333295417531599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:20:02 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 1C67 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27DE 143 B
166 B 23ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 1C67 3 KB
1 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:05:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 1C67 20 KB
8 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 3693551454626825725
tpc.googlesyndication.com/simgad/ Frame 1C67 19 KB
19 KB 34ms
33ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3693551454626825725?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlw-eebaloH8NdzHAy0gUrvhpeofw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff1f7378ad053d3e3f16fffb36773db566780da7880e4fc382cc62b3c3cee1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 11:11:36 GMT
x-content-type-options: nosniff
age: 367866
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19788
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 14:10:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 11:11:36 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C67 179 KB
56 KB 167ms
116ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 1C67 33 KB
13 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d81ba9baa3db58495b4264c97c8b6e305a06291711e8ffb03cd28695ac9eb897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68560
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13558
x-xss-protection: 0
server: cafe
etag: 8057333295417531599
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:20:02 GMT

GET
H2 200 cac0c864edda0087bf141d240f6ef92e.js Show response
www.gstatic.com/mysidia/ Frame 7E17 9 KB
4 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cac0c864edda0087bf141d240f6ef92e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d046447e30e2ecffe5f823e770fca36fff69966f98f67b6fee1acc5c37bdb61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 16:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 520676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3959
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 16:44:46 GMT

GET
H2 200 8f3b55d480d7aec0a3d2d67a1cbdc6d8.js Show response
www.gstatic.com/mysidia/ Frame 7E17 10 KB
4 KB 90ms
40ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8f3b55d480d7aec0a3d2d67a1cbdc6d8.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63e643f238190d83f0be0b0f2ec7daa9fba55614e399214a16c5ca0cd6c5155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 17:18:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4200
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 17:18:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7E17 14 KB
1 KB 34ms
33ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 16:36:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7E17 2 KB
892 B 37ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 7E17 23 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7E17 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15404
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:05:58 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7E17 20 KB
8 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7E17 179 KB
56 KB 153ms
113ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 7E17 33 KB
14 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Wed, 19 Jul 2023 08:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 16:24:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 17 Oct 2023 08:02:33 GMT

POST
H3 200 performance Show response
www.linktobox.com/api/ 11 B
144 B 217ms
216ms Fetch
application/json 2606:4700::6812:172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linktobox.com/api/performance
Requested by: Host: www.linktobox.com
URL: https://www.linktobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a491a7b7a24b52ae6dd7dbcb4ac13b6f5f6ff714d69c021c269b065a6a2e1f3e

Request headers

Referer: https://www.linktobox.com/a/d/Mu5HVLi
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 Jul 2023 17:22:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7ebdd8c8c8e21cb9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11
content-type: application/json; charset=utf-8

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E9C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
38ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:42 GMT
expires: Mon, 24 Jul 2023 17:22:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame F6CE 38 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:02:10 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27DE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:42 GMT
expires: Mon, 24 Jul 2023 17:22:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:42 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame D8DC 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D8DC 8 KB
823 B 35ms
34ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jul 2023 17:22:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 16:48:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jul 2023 17:22:42 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame D8DC 15 KB
3 KB 117ms
23ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame D8DC 375 KB
129 KB 117ms
24ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 19:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131779
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Jul 2024 19:15:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame D8DC 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 22:19:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68610
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 06 Aug 2023 22:19:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DF28 0
0 55ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=2943535127515376&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CAA2 143 B
166 B 22ms
22ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:16:31 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7E17 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ecb7912ce768793b46f93913efd61db5cbf2e88fa708f49970234ebaaceeb65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0A5C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04963c41cbc00a71f36fe17ad5d7cef377e2dc0467ae66a824a91fb693626d54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame 159E 38 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:02:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D8DC 0
54 B 700ms
184ms Ping
image/gif 2607:f8b0:4005:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lkh4yv8c&c=1283579160000&slotId=641789580000&qqid=CM3ehOXtp4ADFUWLpwod4IcCzg&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D8DC 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CkUMuYbO-ZI2qGcWWngXgj4rwDLirr91xq97ZtfERZBABILidpZQBYJWy-IGUB8gBBakC26nNN5zPeT6oAwHIA5sEqgT4AU_QXCBP5GKI79heQQWlHoScMW143HUJyIBAHno5B96LAfedeoHb3H1yjdraoh6fZiUJFtPcpyZ6N6LXcdHVYNmMDOTOv8MhGArpW4L_i1x3JUomsenMKf3qxIO-F-MElYNwCnwXJP7L0VQXOxHebTajynAzLcFPUoEmYnbH_4qzxy82Pk58LYS0gbm6DyHVbnkNfmh8XHgM7OcUykii_6V7QaCCbtu3mq1NoZBuJSZPGF1vY_PO3HvRWvu67re9nVwlub6VoMtH3jJhx8A7j6BnNvIhuuYmE19pFOqVeObHruPD8gKQCsmDTeUnzmwnTiS6KtEcgKJKwASL1KOCvwTgBAOQBgGgBnaAB8HnxDeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAbATqseQFNATANgTCogUA9gUAdAVAfgWAYAXAegXAQ&eventType=clickstring&clientTime=1690219362979&ai=CkUMuYbO-ZI2qGcWWngXgj4rwDLirr91xq97ZtfERZBABILidpZQBYJWy-IGUB8gBBakC26nNN5zPeT6oAwHIA5sEqgT4AU_QXCBP5GKI79heQQWlHoScMW143HUJyIBAHno5B96LAfedeoHb3H1yjdraoh6fZiUJFtPcpyZ6N6LXcdHVYNmMDOTOv8MhGArpW4L_i1x3JUomsenMKf3qxIO-F-MElYNwCnwXJP7L0VQXOxHebTajynAzLcFPUoEmYnbH_4qzxy82Pk58LYS0gbm6DyHVbnkNfmh8XHgM7OcUykii_6V7QaCCbtu3mq1NoZBuJSZPGF1vY_PO3HvRWvu67re9nVwlub6VoMtH3jJhx8A7j6BnNvIhuuYmE19pFOqVeObHruPD8gKQCsmDTeUnzmwnTiS6KtEcgKJKwASL1KOCvwTgBAOQBgGgBnaAB8HnxDeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAeALAYAMAbATqseQFNATANgTCogUA9gUAdAVAfgWAYAXAegXAQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D8DC 0
54 B 691ms
185ms Ping
image/gif 2607:f8b0:4005:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lkh4yv8k&c=1283579160000&slotId=641789580000&qqid=CM3ehOXtp4ADFUWLpwod4IcCzg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.1cz&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D8DC 26 KB
17 KB 181ms
75ms XHR
text/xml 173.194.76.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BMO37FcYjq2U2y-JjxRL6UmQjELJyNpAYkJhBee-RhZ5XIOt6MXBDjW-PNx8JeqVAInMsr37O_29N25C_shg38J_aiJQ&cry=1&dbm_d=AKAmf-D06K3_aS5eJ3jUZgi2LeZt7RDlcRZhTYzbX85TB35w64mXdroMV-BTEm5u8W4mP_ybFOrHkGvCMzKR04rnzrJczkMLYkqkroGbRAdCiswIpCCphxeiYb2rrpX3MgIbsC3gz4UIHEi8w6f3FX4vDhDTBvToM8ptNFg_BeAPeMdxSJwnInrRUoh1EkfcsD9h6u1NJqL7XrQZyOggfLb2vBZGmZ-k_w35syc-L39tJey-JgwnOKmokFHtlHj3NXyb4p-580q0O24-BYDMOE2Op9nwwrJYFmMk8RihBJtWFFbjPRUtjQInzOz3TFgpPeJelITWKnikiT72L670_6UD5I28WmD9CjnwDVmnoRzESA5qv173_lC1WvYcW4xJMEWH9THWq9SK5CdatN9c_z-7Th4yZobXjTIbPaPOHB3lfNKSyYhOaFJHFnfrvyrtv53TSL5sNaSP8A2BKRjVbAzqXH6SxJW2QD4c8NzGfqBlEO_laEg3xSeGVKiAD-QIAr8P4yFV79PesaQHkmCvJTfRjFDE4_-wbyoQix9sX8-q3kZo439CeQwryHURJsYLeHh2p7Xovpap10DtRdttfm5Anfvd7hfBR6d6SHkuQNDtnpUsRJsI1r2ND01Lo2JlHYkyFg900xY0x-SHOZetMfqcBd_6rhOQuosc02zBXeSK6NX4dJ2HGHjgaO2oRrl9VrYalnhspUZ7hKzUudNAzoN08qYtJ8obhKQ2GLgX6sISayylqePu2MeitCR5mAk4L-DjHh3iDQqGXeVS-0bfc__jz5IWh2yPie16y1GHB-LyP0Lg57kudGF98t7wjerO2tmPerXd6zOhF2nFzNnSPAn_rIOfHU4Ah16NRkTe5ycWiUsxzlWsqdQb3QR6dwKbIA8778f-Igs-tPyC64U1qEOw6QLYB_FwUwGggryJd_mLCaFmjG9eF3eTMchO8hj7RygT3s10qo6mv5AQow9H0HrTPNu5LVD4dD1EtiEYV3sqTgps1-cEZpmkG4IB613ja31_VhfBv_RWl6tuddYotX2JaOS6lGdVdsQmwliaydNAlTR4u42CP2adbJwU56APaXBMLUOSMu0gffcVVDKfA1PYM_wArfKfe6JuElbaiZEHZOzqwnHBs6M4_ykymDdsuw2AvznnfaEi-QFWKAYiT72j9S7IvwPiRFaxHDfo8QldLHETsbrDc4oogurcYPD_2-PFMlpvHqSNx8ZbFzqcH-UssHxQsy4yhsllit5mlumIcA-JB002RBL8Yd3nlWHTkrxSAWogjrWn6nIZCkbY9SS_JryWROWnbsz6ecqncFet9MuwrxquYv5YtdLwt1wWVSrnYTCVg-wPylujKrYaE5GEZuaFEYM_ID8Uz-BZDBuxN9GvTaSExDYr9ekJMWEMwgnbtEfjdn3FCTCZczz174FdHPYdbxilnEv-6jGOUluWTaR1X847L7D2POuVnreI620ihajTP9o5e85Zs9JEMFFnY_q9ljpU6ztIaWc6uYW7lvuBOcbKuO7D7PhDsuX8LMCT6m-wBwfjIJV_VRVmEoizyZNttDbA5t7v8j0aqXLxYZcrZ57_zJogp-RayjDdbQKTIl2FurLr3abgjVKu3Wrfn8Bon3YyP_E3L8j-jNC7Ypym4Cr5GX0VbDJymaH0AFxzLvZAoHlnlp4IQncd2b1FV7kkukn0RVs1sVzSOtnDygzThenBeyHTk9MxLSiy7M5flLv5-3uxJx_bArlv2l7A6tPEbev8d9gwS30rW8ze9Q1jLL6GbvUqAvXlTVYV38Fv0VbkWHpNZ0KdgUC5-lLf_0ze72-Iy8yX4IGMtto4R_V04iAg4JSsfGk1U59xL_D_6bizNcYaXtvqnupImoECSVVICLP9-jlijcqu2OeaAisaM4v-bsR5AFRTAGhJta5noJ_60vWP02pMFMI9zIYjgiI5z4x8L2qmUHSKg9UYg8EMBUZorMIfio2LXOsTvNUvZMOsGNggQa-sUtytPWN5bMKX7sli4azBeWVrmGCfvufQh7XTOyqAeG7g2aPUcI9J06OiE2BDkZfEC0Y4v8Czp-_ETw1PYmVAR8ozOLWFD48C0i1vtr1FQNMmk8cuY5Hft1TtTPHHIvgpQc5I9ukNfVyybbabtT45l5FERKuoXaBdFy3o2hL8ggUwCessXL77A58hHs7AWK2nhFETxK1LOSReZb2n7GS6v6oOL9cADu1bMs6Y59PnpF0C3wqDsSU_hfmm9tllKIuN6gLCIYEGG7OETl_5LKEPIDfdfEOhuQCc3M6O0FMVeukbofj_Nt4ZqyD6SNeQzTz6n-TPSAHC4L7cDfn2CLhkAnSHJpGNsSK1FSAxv64CR9SlZ0cE1YUz4fqYZEKdZV9QRylLoFPtp6OEfktsEcjtOJtp5-18mfspjmd4b5et5OOh7HHjmWasBw3TU28S2AhPEcYgK-t75eufRHGGYZxLmBBmBT7uejlkXU47vGwU84dd7FDrXKwSPLMSDLwuEyKSfDfSEtXuczWAS-XoEeJPKeXrc8wS3hDIBoQe0rbsK4IfE4XDNdHa14NL5iMcUMV7z-OUkpyAhDXb5lLy8gACUdXEWMBkcWegvpqWnAMCmPQ7boUjPC4CpBJ_hEhRnxdoIubRid_6Yb0R6ad3jkBAkfMDJpfwO4DfgE3Rp9eaCk7JcuJhyhYK_mbUws33sClrn4njpkK6bIrCpfjPZZrn3mO_E63tpdwSKom8rZVB-T7LD7Asmfvs_s8M7u5YXP9yrU0qKvdKViez3VJs8NMGfqgbJXA2W5Sl_BCshYZtnWh6wK3IKkvJuTLLGGEcNgTWwYSGCXUiFy86SxtohVNjoMgi8eQ4JrU6PDwLmigCI9zXmSPTnC0dXUA9cSwbXFOjSqAw1wRmf-plzANgkr_7uAkzjZ5bGklla6kSSP8U_FObkmC4fIrvvQZ2IQamu2y2pg-kNlTn2G54se7JQbwnWbTAfCp_IYeuY2kjBYXZKqj7V5qmLhbvbJn-2C5RA76gNv9-KW-TBKb7Kw4BRA5BJHkM_vIRLk-O7VHFHufQRos2TLn0nxxh1bC0Y7ralaPFLpMZgU_IUpsiYxDf2MIHBumnahBFfOojHi3IIC6Nk8cu3uEPLzodftz92pvSHAKlVh9vPoYNcCtge9HpjQ3SJkZbUb6WWxbiFErtIBm16i_wuH37Ifs0liA06obbuYBaNpcmcxKxn2ZLnce0zAd-b-SIBH0pT4jGf0K1wOfMNTBFaxkE0lyyX86c6nEkiAnKONpbAYY2RAMMZbSIvZMbvyLOnP7sZmuLVrzI_8Jw88upuI4LB7W_diNIh3o5OzcsENvqRx8CxFUGtL5ZHY2tK8-wDgoMxamwls-HDf8HSVhyzsmMjKfCYgDp02OehnnhzlDuzjxh7NSCsBvkwwNu43T6K8zqhoQ2wxKI5jwUU6Q900kFHWTg6l3k9A3EIeJnh-BEuJ0WCHePSBFf5szjYgQnvjZsEzLLO3oKn-SYlyKP-wq5rNkK9gITnmg0TdgbOMjKJwUPVJXP55vI2irlVeSBa0eVakyWAQMQaF0&cid=CAQSGwBpAlJW1RJ81FoQRCpCJrEh3BGYxxwOcR_EeRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f156.1e100.net

Software

cafe /

Resource Hash

24513ec455c2c469263070dde6971a59c8f32df52cc4fe2ce6d31428ab81fa6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16096
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0A5C 0
23 B 69ms
68ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CySbcYbO-ZI6qGcWWngXgj4rwDOb7vbBN6Jre5-8EwI23ARABILidpZQBYJWy-IGUB6AB0MPt9APIAQKoAwHIA8kEqgTXAU_QYxYCyY2X9fqxTWTSwIybx8Rz1f-GN9AVmpPY6tluT_vZUeT2ZVQKsLjXICeEmBisIPQddC4O2qOtQ3ZYyEe9iCdi0a70QrajfR72XjqvCTF4VJF0bYkbcsnnMZ5Zv62LUPZlCtw7wy7_6StFSH0_dTlx59_YV978JjM3fKtBZrDSTVGsLv-Azix_MV3_LTIdYD6F5FdCzMZKvt1B1Snb7zAbOWEfskPhVCaa5Lc0FWO6EYVeC47Kg_ngppnRwfHBEEYiW5w35NNP3-TapL-tk9Hf0NEswAS0tvvOBpIFBAgEGAGSBQQIBRgEoAYCgAeYvJILqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ-cMI0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjQ4NjY2MTIwOTkyNDQ0GAA&sigh=P7X7k_FKwH0&uach_m=[UACH]&cid=CAQSGwBpAlJW1RJ81FoQRCpCJrEh3BGYxxwOcR_EeRgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 24 Jul 2023 17:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Jul 2023 17:22:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CAA2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

32ms
32ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:43 GMT
expires: Mon, 24 Jul 2023 17:22:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 17:22:43 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F6CE 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JxH3AQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 1C67 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4625f28372c16f27546ce8aba75c8d5485c4bb015d70010795e326b2643e70b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame CB15 38 KB
15 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:02:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1C67 0
23 B 67ms
67ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C33A6YbO-ZI-qGcWWngXgj4rwDI_z-7tx6pT9_-sRl96ivcABEAEguJ2llAFglbL4gZQHoAHq3IDRAsgBAqkCu5XCzhqXpj6oAwHIA8kEqgTbAU_QKqzlTZTVTlVdJtGWVwYx8YXmMzB153x7NZuFAu1ueeSlScc3OsETBVS82qVI3YRdJXdOVWi8CIa-lmB82DAkZPW-xYp0Ew-hhmFNm9SFVf3DEfu-t5PrWmXliNb7H3ky0jflCHIwjr20C7Ch91vQybribb_Qb7R_8FhR9rDyju8Fswi3he3um56LgLBWLojdROcvKQp3vJQz02mnSETfw4X1XAqcoOTKi4Q5ZPxisPQ0YjlqrkINFY5ZPs-c8cLD4ItfqdvON7ozoa3YoS14F587-JutXS1uVsAE95CB8b8EkgUECAQYAZIFBAgFGASgBgKAB_6i_64BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8OUY0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjQ4NjY2MTIwOTkyNDQ0GAA&sigh=YZxOYImj0qc&uach_m=[UACH]&cid=CAQSGwBpAlJW1RJ81FoQRCpCJrEh3BGYxxwOcR_EeRgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 24 Jul 2023 17:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Jul 2023 17:22:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7E17 0
19 B 67ms
66ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9M-AYbO-ZJCqGcWWngXgj4rwDOb7vbBNwJXe5-8EwI23ARABILidpZQBYJWy-IGUB6AB0MPt9APIAQGoAwHIA8MEqgTYAU_Q_gbN-8C4tjdprQTRuQhH97eCB6YG1UBe9qgTzdt4dQA5FOKmFtYzjA2OoXH2n5iSMgxQjLdnkenzjex3PJaDxBqLXLoneLCXloajq4xqwmNvUkteDUsXx1A87Rc3WOYq59sqlVDC7_JFkeYTJ2Qo_CdPnS8e3yGzwFrpaO5wP_S8qOfhBMPAkwnQne4i3TT6KVbRmwk2cFxurkDQFOLCSZmns0aa5qWx_oEUpaIcL5PKtV25bT2mMfVNVfw0gnyAhCBDfdBq4dmzFYPqK88f20Bv9CfxcMAEtLb7zgaSBQQIBBgBkgUECAUYBKAGUYAHmLySC6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKzTDtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItODI0ODY2NjEyMDk5MjQ0NBgA&sigh=tGTHwWcZE5o&uach_m=[UACH]&cid=CAQSGwBpAlJW1RJ81FoQRCpCJrEh3BGYxxwOcR_EeRgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 24 Jul 2023 17:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js Show response
pagead2.googlesyndication.com/bg/ Frame F656 38 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7iS30H4CIOlAzWX_-DRl8EqUdjCbSbkytJAMRoxuMII.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 11:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14882
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 11:02:10 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D8DC 0
234 B 495ms
184ms Ping
image/gif 2607:f8b0:4005:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lkh4yv8t&c=1283579160000&slotId=641789580000&qqid=CM3ehOXtp4ADFUWLpwod4IcCzg&fb=outstream-lima&vast_v=2.0&vmfc=9&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D8DC 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:59:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 390190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jul 2024 04:59:33 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-4g5lznle.c.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D8DC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-4g5lznle.c.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

519ms
321ms

Fetch
video/mp4

2a00:1450:4001:1d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-4g5lznle.c.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/B08BFDD525A5DBF856DC9FB38D8E4C7639A5AB.6DE4F45EE222133EEB3AB2473972F1CFC9C8F2DB/key/cms1/cms_redirect/yes/mh/IK/mip/2001:1b60:1010:2:1012:8bfa:690c:329e/mm/42/mn/sn-4g5lznle/ms/onc/mt/1690219017/mv/m/mvi/2/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:1d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Mon, 24 Jul 2023 17:22:43 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 6802385
Last-Modified: Tue, 18 Jul 2023 08:53:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Mon, 24 Jul 2023 17:22:43 GMT

Redirect headers

date: Mon, 24 Jul 2023 17:22:43 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 664
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-4g5lznle.c.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/B08BFDD525A5DBF856DC9FB38D8E4C7639A5AB.6DE4F45EE222133EEB3AB2473972F1CFC9C8F2DB/key/cms1/cms_redirect/yes/mh/IK/mip/2001:1b60:1010:2:1012:8bfa:690c:329e/mm/42/mn/sn-4g5lznle/ms/onc/mt/1690219017/mv/m/mvi/2/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame D674 23 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 38475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jul 2023 06:41:28 GMT
expires: Tue, 23 Jul 2024 06:41:28 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js Show response
pagead2.googlesyndication.com/bg/ Frame D674 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 06:23:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14655
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 06:23:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-8248666120992444&su=www.linktobox.com&eid=44759837%2C44759876%2C44759927%2C31076342%2C44788442%2C44796827%2C44797786&doc=complete&pg_h=1200&pg_w=1600&pg_hs=1200&c=2&aa_c=0&av_h=607.141&av_w=160&av_a=97142.500&s=630&all_s=630&b=532.859&all_b=532.859&d=1.012&all_d=1.012&ard=0.101&all_ard=0.101&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D674 0
20 B 59ms
59ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOZf7Y7O-ZM6tB8qIhcIPwIKRGAAAAAA4AeAEAg&bg=!p6SlpPDNAAZsPphkTD47ADkAdvg8Wrgb8b7092MaIxVFooK19F94Nqzcuso1GJcxb_wmu03Y2-W53alkIQPDWcMSLIuAjqz1JAgCAAAAUFIAAAAGaAEHCgAmfUSIZ8at99DttPqPJ7LI1N08QTxlRfYG5oWy8VG4-XRS9o9sU7uZAz7fnCeGD41s-x6ICyOhl_bWqatdFcr_InuIUKJLZmwZ5mbFweRPJLQtgG3nL0r-3AK5FgJh7TL1ypFWVJiDdYAvxvUhel_eFByoZyaZJcY4qNF5JARhlRFsKHRojU0sc-HhRyTRpREOwx0BOnxhUXiCBiHXIjXdeT6SzEvhaQFSIYq3RPD3Luxedl8rzI95nJ12wJR3XFqTejQqu5TS1Tt116pNZlyobCmSXt6lmEiFD5V5h38ouIhZOgHGNzKCQt79GTM-k5rcJc5T2yPSxxObv4-ED1G-_7NWXsogBEFUgU-VBkOjIPl9s3PABFfniFKlR2Ida8ydoQZmOsORySnEwU0Fa7tV5fFs2a-1sDf8qo78yG1SWfZF_-X1quWZ601d79g_acDe1ncyggRuOrxSpomeI9ugPKgXOwYJvzwOPPr-axk-Lpa2ZmzdzkmcfExZ6W_fE9M2dLf7SEO-nwnFaIHttPRkx0x8-hCtAucULLxU_XH_zvMuhAqVvnN0N0dQXGi7nzrPPGAdjfTnTJ_DKT6kyu-60lLU5Qo6eAcS1haxwGC7p3ngAiO3x3Imprfz5ljT2RRQ-VwP921NQLhU7G0_e7HeHKe2T0dNxRpuiq8N3XY3h46iBhTnNlMH42BQ1A7rqNblMt830qSGVYeMt5LfkG0-IZwCbfNxK-145GKY4hFP-blgOwwDT2TcS161kmlC6JAKuzxndcSr9IRcyypZ96SBOiAm7la90APx9fxCl9s5uqdDTzTzHZgSmmL2YU13p9wZfbuMdJILfEvC0u_I4-58FI9jIwoxCa6Vg6mm2Ov5MBFmwiA_XU2mgPAOxmrrfdAnjcaTtMH6fRbFVjkS10Ys-IfpF8IUZQPNnMwdfJoP0f7Eyl-OXMNS3sLDNiK8-SzR6EzaSq1EsowHm2kJU4-qsGXXQVSisnYhdOyQUkE7XQM_ytPI5_FrFTzEDNjcI7hVmEvHhVy-Bk-w5Zz7ptFgyLwAYMzTG7Raxmu5V63p8jIc2mJJ9niFAS9u3LC2aKDim8HZGdLJFaFtwr75_U_IH_lDop3PzKjHcaknYpiLc9sa9OfdTmYXHKF4zT3FH37dPiG1SuEqfg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=2943535127515376&bg=!ODulO2_NAAZsPphkTD47ADkAdvg8WuuRtdhmyoZL24owj92nkcFiPr5NNxn00I4OivqZokEbJ29HDEn8dhb5wsCLwW-A_DpmaTwCAAABalIAAAAFaAEHmQMDMBug3lFNImV7sNKWwVNmiG3QONTYgq_qw5-gm7gfB-2-9b1FLr3DxxNtdixI_Tf-9sv5qJN7E-xN2rx3o4VgEIPfU9BApSVh7o-7fWl7BNgGXmpPa2fjXoyVbb96VR7Y5mNYfOyUoz6qlnNinIyyNAdw_vEajMRS5UBrNnCO6_oU_Nw40AumOvpocf_XDDw9PzCvBeBlxysBfBLkQS7a3n69eR0qBc5F816vRzNK4BQ1RGwHYzfo2Lt7Q8ZsVVI_QZ8fMb7OVpwCtAf3WuDf8Yv7CClMiYcpT0P6sdRfnnfMZEkdMitLyzGBpUO5tq8xvqXCwnia84R5azUX-gSU1i7BGGgNw_F-QC067njEnV4cXvbnOx_g-4j95sXdvp0wX6yrtmUAbFlLDdiSA3ie5Yyj7XUbN3ZlHJiBCvylsJnZDOsSegdnf5r3t_O6YP_O5GbsD7Nsn6iuqPnUsnbNdfw7BGPdgK52K2s9aqECaNGAYYpMZSKJF9j3-z4vy_SgLti3lT6qO51oX2icywKMy3tu4OD17y9TniErqOF3SVhhX-fikfD8gzDABQmK8_VRzE-6rbjNlgi3vsPyd3GKxmdCTUhzSAg-fXg6Sny1UAB9mNUi2T9JzIa99ioWgda0wcFny1hCb6e7prwIB8h7XetzOKoGT8BDYNXUvbQhWsxa07od1P9BCvEg26ZoBr-mEsc-n57HIokqARob8Bg_ON4zNxjk7ecdDKOSYK7atDKS3HY1I5sqOn2LvcpxNWtmuFWyS7p1a1HUuduehcbLYD_ICa_ZyTIri90_7so9147fc6nGkUFwMs5BdHFVqWZd9RkHgo4P4iXMxqWkZ7FVdvPhXAAErifoMcTuZ_15PHyG-dkJ48JvFoPDt9ZYpKeAS6cw4JDYAI7MnIqviQnNUClU62HJw5dZj5i__1mLbP4sDhPtYcP2Z-kM_aSfcbTjQCK8BOqcngmucnmHkTjzT5zf9CX4h6irwA-GuXd-CQq5mJS5iAG_ZrR0Z3ZT5Z2XkviM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.linktobox.com/a/d/Mu5HVLi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 206 file.mp4
r2---sn-4g5lznle.c.2mdn.net/videoplayback/id/437cda7db0606454/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1721755363/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D8DC 193 KB
0 262ms
144ms Media
video/mp4 2a00:1450:4001:1d::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:1d::7 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range: bytes=0-

Response headers

expires: Mon, 24 Jul 2023 17:22:44 GMT
date: Mon, 24 Jul 2023 17:22:44 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-6802384/6802385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 6802385
last-modified: Tue, 18 Jul 2023 08:53:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0A5C 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstoBHm2uQS-nD4YM8piPkFZUGlS5Q7xO9VEh4VyKpXhFi80YShqfm9BTNN_DZHX5IGXJ2FjuYyWUtaksnQh1hDai8904Gm8VJU2WdGtVrag0WOCVatbwOla4wU26mdI4x0lHdZGqmEr18pU&sai=AMfl-YRjY6h0IZgFA23yaw8ytHKCYDlF-TgefrWUVfZpBd1EnAQFLhQqm6nGrHF6Gp4rUD8vczqHiOyD2pnG&sig=Cg0ArKJSzDBn9DjbvLLQEAE&cid=CAQSGwBpAlJW1RJ81FoQRCpCJrEh3BGYxxwOcR_EeRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690219362557&rpt=301&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C67 42 B
64 B 57ms
57ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstanAx6TYlHhQp5OB6mKnwAB39nYZ0QflNmxLZaM9p6LeR3ESn4AquUkXsn4mJfM6UYlQ9nAXtA4262LNhUPBShl5IqMzxGLNjbu832roxJuYAIPXzP_wHe_JnBG-hU7wMBansZqnpSxp94&sai=AMfl-YSYrCBpCWSy1uoJfYi2Z5ZxHXZVh6aXzfY05kkPQcmJNuURJjZ-AHV-uibHcJw3e8_2oNhvaCQv0GnQ&sig=Cg0ArKJSzOTNSBDAHFy1EAE&cid=CAQSGwBpAlJW1RJ81FoQRCpCJrEh3BGYxxwOcR_EeRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690219362559&rpt=366&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7E17 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsugCdSVz9twELMUy6J54xsZ6kKQNwVWioILz7wpoxMu3Bma8HGmQbMVuCVHtq7DPGaZ6xpovsECl-Vad4DVvOh5j0-TfmqE7Mhvb_3WqkIg-bFgmZz6QRBdvrx36H1u6qKSoBPGOYEeGkO5&sai=AMfl-YQgL5HgmFJWUupEtrDA-wFHZLiA8qLmBC6gyG3GFn7inrQOzGNfuRAhbHQglEZ867FNjaXKpZrRx2Lv&sig=Cg0ArKJSzFUWoz-k-fLwEAE&cid=CAQSGwBpAlJW1RJ81FoQRCpCJrEh3BGYxxwOcR_EeRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=317,998,1000,1000,1000&tos=317,681,2,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690219362561&rpt=555&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame D8DC 0
54 B 186ms
186ms Ping
image/gif 2607:f8b0:4005:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lkh4yve8&c=1283579160000&slotId=641789580000&qqid=CM3ehOXtp4ADFUWLpwod4IcCzg&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=988&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ij~vil.28q&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4005:811::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Jul 2023 17:22:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.linktobox.com/	1970-01-20 13:40:24	Name: uid Value: 75f6b895-962472a-afac4ec8-ecb6494%3D1690219360786
.linktobox.com/	1970-01-20 22:15:55	Name: _ym_uid Value: 1690219361450535846
.linktobox.com/	1970-01-20 22:15:55	Name: _ym_d Value: 1690219361
.linktobox.com/	1970-01-20 13:31:31	Name: _ym_isad Value: 2
.linktobox.com/	1970-01-20 22:51:55	Name: __gads Value: ID=7d6a5753485e47cf-22f2be84b1e700b3:T=1690219361:RT=1690219361:S=ALNI_MZ3QyiaoLapL08Kt4aBl4RE0ivcrA
.linktobox.com/	1970-01-20 22:51:55	Name: __gpi Value: UID=00000d127474f5d9:T=1690219361:RT=1690219361:S=ALNI_MZMJMO9BnOHGkmfa5YYwsTgDE1kjQ
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 464887981690219361
.yandex.com/	1970-01-20 23:06:19	Name: i Value: zg3wdvde3PmDwp1hI2qunbS4XTl5fPE2w/KY1PsivEuuqXgaI/C6+pDB6+MqwvV2FTobT9cV4rL73usfM4oW6fc/q5I=
.yandex.com/	1970-01-20 23:06:19	Name: yandexuid Value: 3887214681690219361
.yandex.com/	1970-01-20 22:15:55	Name: yuidss Value: 3887214681690219361
.yandex.com/	1970-01-20 22:15:55	Name: bh Value: KgI/MA==
.mc.yandex.com/	1970-01-20 13:30:19	Name: sync_cookie_csrf Value: 2548505336fake
.mc.yandex.ru/	1970-01-20 13:30:19	Name: sync_cookie_csrf Value: 2021612878fake
.mc.yandex.com/	1970-01-20 13:31:45	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-20 23:06:19	Name: yandexuid Value: 3887214681690219361
.yandex.ru/	1970-01-20 23:06:19	Name: yuidss Value: 3887214681690219361
.yandex.ru/	1970-01-20 23:06:19	Name: i Value: zg3wdvde3PmDwp1hI2qunbS4XTl5fPE2w/KY1PsivEuuqXgaI/C6+pDB6+MqwvV2FTobT9cV4rL73usfM4oW6fc/q5I=
.yandex.com/	1970-01-20 22:15:55	Name: ymex Value: 1721755361.yrts.1690219361#1721755361.yrtsi.1690219361
.doubleclick.net/	1970-01-20 13:30:22	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 22:51:55	Name: IDE Value: AHWqTUmh4AUPtX7YhKaz_GZ6Wa6a9LC2ue-JYtokXusMC824zNreLxN4Bh0TFvF37Og
.doubleclick.net/	1970-01-20 17:49:31	Name: APC Value: Aa3gxNrzYhsnpKIEOV28A6-EvMjKzOXf199bak7t8G4vA49b2S9MFQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230719/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-8248666120992444&fa=1&ifi=5&uci=a!5&btvi=1&xpc=7p2BpnCXtp&p=https%3A//www.linktobox.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

avatar.fuplink.net
bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
linktobox.com
lktbx.com
log.sharemusic5.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-4g5lznle.c.2mdn.net
tinyurl.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.linktobox.com
173.194.76.156
2606:4700:10::6814:8b41
2606:4700::6812:103f
2606:4700::6812:172
2606:4700::6812:1eb9
2606:4700::6812:72
2607:f8b0:4005:811::2003
2a00:1450:4001:1d::7
2a00:1450:4001:800::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:810::200a
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a02:6b8::1:119
47.74.232.58
04963c41cbc00a71f36fe17ad5d7cef377e2dc0467ae66a824a91fb693626d54
0647849e545b416e10147c05434eb8dc002b2278e2f13153a3a4381634407224
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
06e04c9f56e42559f29238c28fbee2d293b1964763978cdefebe0e316ffca1b4
0ac221a9c2308990a33c9d0ac03537c0cea7091b7bc913156ca8ee310f77fbd8
175b28f718ff7884f1888724e41e572ce8dcfd4c92dea9e839e6fc88ee655689
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
19068acee65114219e32aa63c0c51ae21046068e667790a1d0aa5ca0e5cff30d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21ec3a050bfccff132ee71df91e742566c3eddefb712ae00de74cddbc1f4ec45
24513ec455c2c469263070dde6971a59c8f32df52cc4fe2ce6d31428ab81fa6e
24616281a4d30958fbbb4302b41d04f8d0b31aeeb232d2474b2866cf15293fd2
258c12b5985008d2e9d4673e23be0b994c76551a74dfd914e55a83c16daf5629
2891a69970e773377873a5f58abdec0b23cb69e51fe30e7f46de97167126d87b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34ab6374c8d0a70eb092db4e53106629b7195304ebb84a8c3a7fe870673e47b8
38cbf50e3a1eec659a5287bcb47e8db8a2a80f784496aa2494ee933f1661d185
3a60f1a2c93e36a7c08ba4b670f55137ba6598d7d314a6521e1b0a8129b706e2
3a6a7c52a2a3ccf340a31c4d570fed3dd80861a5417e769d139ae02183bce06e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
458cf182ae79b54da2ac7388b49b1c9f04723777f017d26c4ccf31d63a10e26d
4625f28372c16f27546ce8aba75c8d5485c4bb015d70010795e326b2643e70b8
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
493b1cea6b441409f701f77058eca25515be893b3ba3f0b5094aeeb32dee8192
4e8cd5d44ff898a4b1c2af1d9ad23acaa88356265a25e1420b0fc6786995cfa8
5276ce765b43635355a6f015488309ce0f6ecebea882b8b9c7f894ae3587a2e2
5409164b5daa69ef292b0c866658ebbafbfe1828bb13660f9e650e1ac1799da5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5abb22204e625f554860d0e7f86479098840d624d92896159ca9ec5720602822
5ecb7912ce768793b46f93913efd61db5cbf2e88fa708f49970234ebaaceeb65
61530dcfb6019d437486c69e7b414775bf952c48d993480d44de293bf850001f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e643f238190d83f0be0b0f2ec7daa9fba55614e399214a16c5ca0cd6c5155e
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477
6975ee44fc78b3490483b31a83e36b95273edf236de67f71d4d3809d9815b3da
6d046447e30e2ecffe5f823e770fca36fff69966f98f67b6fee1acc5c37bdb61
6ff1f7378ad053d3e3f16fffb36773db566780da7880e4fc382cc62b3c3cee1d
7a661ebffee30ead37a309677384cbb265f36220427459933d65603481e5fcb3
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7c5a2a077139ef4d497ef514d6e7dee296112b9fac854fb9137d4feca248c748
944c85e840998eabee1edf5686912feb4112f2e29239093926e5d9e028ea5597
97b5b06c6154e3923d44e37fecde623d498c26d896562ec26c0cdc8e92379085
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9ab993cd8c120834d195c2ac79404fddcedd32dc40f72c0d151612144f662b21
a239e950d8a4031a97e60456b411224e739d457f0372d5e3555d0b7b99737d8a
a491a7b7a24b52ae6dd7dbcb4ac13b6f5f6ff714d69c021c269b065a6a2e1f3e
a8229e87b0c6f109c721a158289507efce14ddd0dc7db02d5729738881279893
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0240f1c738c7df8079d3f1469452a08b72a8c39b63d5be262cf8d63fd6755ae
b1760e4811565b6ecf850b4aa9f0d8e73b297c53052e171031f591b5a65d079c
b258b7feabd67cd58f2c9b0d4aff0f380740c7d98e4221735bb0377f70e17aa1
b4311fe09e80fd30bb9f522ac136a87b0ebf1c6f1534487902f0e417be367f9e
b7eb034447b38f15ea0d639612f9bab65ac99d50e691df79a2f8ef162583b126
bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115
bfc87e9fba5bcf0d4bfaf39661fd4cceb65e0af862cefdaaed6a3756bc0be543
c21240fb81d6d995dd3024f6bdf399c6d35c85edd9b730a77d531036ad0cd739
c548450889bae41dacdcd58e3f43eeda8d1cda4ac857945bb5c5d46e9040c28d
d6b6bd03146f325ba839200df976c4e16004aa752d24e34809d37633119f162c
d81ba9baa3db58495b4264c97c8b6e305a06291711e8ffb03cd28695ac9eb897
d8fb5bd3c9bb3723dd19019b3bc93c353164ee42d8bc21ec0d554a12786f3d80
dd957bcbf630c865a035622c7d1cb1bd999a5e52fcea653719f710b224860714
dedaaf36fcc069f97351032cd7d04ef07a5a117e1af8f74dd5e36d21d02a15fa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee24b7d07e0220e940cd65fff83465f04a9476309b49b932b4900c468c6e3082
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4115b756d6bc2467be4def348f642d01e8bf8d2bcdc7a31ba79b009c4ba41fb
f803b0618ea52f745b0c0426a63781fad8d07009a8941a6058230fd9b126a4b7
fa84a1b49a11f80a2c1633a5e4d696a9976bcfa33a7e097f0bfbccba12c3d35d
faefc7d5cb22f0899412f91aa8fcabe5910c50cb6faee897413b62ac324c0f79
fb8d2b86a81144e62374dffa09b3f41c12224f930d0fe24d1e29687dfab05c43
ffb7bfb84afcc682549e04af5054b939857c41ff32f58cde2832d95f3a0a7935

www.linktobox.com Open in urlscan Pro 2606:4700::6812:72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

107 Requests

96 %HTTPS

90 %IPv6

15 Domains

21 Subdomains

18 IPs

4 Countries

2025 kBTransfer

6383 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.linktobox.com Open in urlscan Pro
2606:4700::6812:72 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

96 %
HTTPS

90 %
IPv6

15
Domains

21
Subdomains

18
IPs

4
Countries

2025 kB
Transfer

6383 kB
Size

21
Cookies

107 HTTP transactions
12 data transactions