cover.box3.net Open in urlscan Pro
88.212.29.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://covers.box3.net/index.php
Effective URL:
https://cover.box3.net/index.php
Submission: On March 04 via api (March 4th 2022, 2:06:11 am UTC) from US — Scanned from DE

Summary HTTP 114 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 114 HTTP transactions. The main IP is 88.212.29.3, located in Košice, Slovakia and belongs to ANTIK, SK. The main domain is cover.box3.net.
TLS certificate: Issued by R3 on January 16th 2022. Valid for: 3 months.

This is the only time cover.box3.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	88.212.29.3 88.212.29.3	42841 (ANTIK) (ANTIK)
17	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
114	16

25 88.212.29.3 (Košice, Slovakia) 1 redirects

ASN42841 (ANTIK, SK)
PTR: nat-88-212-29-3.antik.sk

covers.box3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cover.box3.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	544 KB
25	box3.net 1 redirects covers.box3.net cover.box3.net	53 KB
17	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	166 KB
8	gstatic.com p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com fonts.gstatic.com www.gstatic.com	59 KB
6	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	190 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	13 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	642 B
114	11

	Domain	Requested by
30	tpc.googlesyndication.com	googleads.g.doubleclick.net cover.box3.net tpc.googlesyndication.com pagead2.googlesyndication.com
24	cover.box3.net	cover.box3.net
17	pagead2.googlesyndication.com	cover.box3.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	fonts.googleapis.com	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	cover.box3.net www.google-analytics.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	googleads4.g.doubleclick.net	cover.box3.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	covers.box3.net	1 redirects
114	17

This site contains no links.

Subject Issuer	Validity	Valid
cover.box3.net R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://cover.box3.net/index.php
Frame ID: 43688573FB61E59C263207F10D13E715
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html
Frame ID: 1E50EA9555A7CAF57E5339C8FCD34D9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=600&slotname=3239060328&adk=659777109&adf=2901631502&pi=t.ma~as.3239060328&w=160&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566209&bpp=8&bdt=273&idt=138&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&correlator=2429559766634&frm=20&pv=2&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=216&ady=650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUoRkNnNhB&p=https%3A//cover.box3.net&dtd=157
Frame ID: EAE47C90603515764E96B88871E42AD6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=280&slotname=6012589442&adk=2661501742&adf=3100471964&pi=t.ma~as.6012589442&w=660&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566217&bpp=1&bdt=281&idt=165&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HvwCyjOmME&p=https%3A//cover.box3.net&dtd=169
Frame ID: A7A2EC60A9D984FAC6BABEB162249F14
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=90&slotname=7130229994&adk=1834998291&adf=3689938709&pi=t.ma~as.7130229994&w=660&lmt=1646359566&rafmt=11&psa=0&format=660x90&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566218&bpp=2&bdt=282&idt=171&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C660x280&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHE3m7YNdZ&p=https%3A//cover.box3.net&dtd=174
Frame ID: 8BA0300B70DBF45D033521771D034B8A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&adk=1812271804&adf=3025194257&lmt=1646359566&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcover.box3.net%2Findex.php&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566229&bpp=1&bdt=293&idt=167&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C660x280%2C660x90&nras=1&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=172
Frame ID: 1388FE50E4FCBEFEB47DEE49DED5610B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8FF4DDB8B6AC27CA8028EBFEF48BD3D1
Requests: 2 HTTP requests in this frame

Frame: https://p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 2256335DEF92DE7166A3C2D3E693CE41
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 95705942BA40C3E82CC47311F3163371
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 461122D35C601C97E7B8CAD51B10CD62
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6B233DEBB30136AA6716ECF3F9B24F19
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js
Frame ID: 2AD82BCC128260C3E5B0CD0283E35F5F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js
Frame ID: 31A0A6685B794B37AD8B39A669E796B3
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 45250449D954862438B91C97BFB53201
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5F37BD63692464BC29E93CC8B0F8E360
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js
Frame ID: 7AD0FBE40B118BF862AA57AA10B9C8A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FEB7A4EB1B41AFE8A6B7544FF7AFA2B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js
Frame ID: D2D8C23D6EC6DF2C194E635BE15D73E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5423E970A49111143895CD8ACE19CA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FA05D8C7D20BD8C7AD8609F4AA0C093D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

COVERS.BOX.SK - high quality DVD / Blueray / Movie

Page URL History Show full URLs

http://covers.box3.net/index.php HTTP 302
https://cover.box3.net/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

114
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

1050 kB
Transfer

2656 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://covers.box3.net/index.php HTTP 302
https://cover.box3.net/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

114 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request index.php Show response
cover.box3.net/
Redirect Chain

http://covers.box3.net/index.php
https://cover.box3.net/index.php

24 KB
5 KB

205ms
53ms

Document
text/html

88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to

Full URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: a02a569f5573bd082ad90d16774540fe529f759d5ed4f94c779c67e1720c4051

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 04 Mar 2022 02:06:05 GMT
Server: Apache/2.4.52 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5034
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Fri, 04 Mar 2022 02:06:05 GMT
Server: Apache/2.4.52 (Debian)
Location: https://cover.box3.net/index.php
Content-Length: 297
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK my.css
cover.box3.net/ 11 KB
3 KB 37ms
36ms Stylesheet
text/css 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to

Full URL: https://cover.box3.net/my.css
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: f2bd1967455d002cfe26a5d61cffe7a69c2981d1354ae4fdf930aaa329ee433a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Jan 2022 01:05:04 GMT
Server: Apache/2.4.52 (Debian)
ETag: "2b05-5d4f393c52172-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3000

GET
H/1.1 200
OK main.js Show response
cover.box3.net/ 1 KB
885 B 72ms
35ms Script
application/javascript 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to

Full URL: https://cover.box3.net/main.js
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 42e5e65ae9b6a0d95ecb7e01b3a0f9ab3f34e4dd785d6a5290279b44574f9c51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Jan 2015 21:38:23 GMT
Server: Apache/2.4.52 (Debian)
ETag: "505-50c5317b351c0-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 536

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 149ms
63ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cover.box3.net
URL: https://cover.box3.net/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15111ec003884a1081261bed747e563999872f0ed00d8253e155992189a0f25c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53894
x-xss-protection: 0
server: cafe
etag: 13238113938229496529
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 02:06:06 GMT

GET
H/1.1 200
OK th1646299422-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 35ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646299422-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 45e394a76ea282a012520e69a90f9d18ae4fd1077e8bac475b7f1258ed49b29b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 09:23:43 GMT
Server: Apache/2.4.52 (Debian)
ETag: "7e2-5d94cf44f0fbd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 2018

GET
H/1.1 200
OK th1646294829-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 36ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646294829-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 89d44cd7fa51c7804f5e43ed9eb6d80920d2390331703a749e2eac4751d2d762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 08:07:09 GMT
Server: Apache/2.4.52 (Debian)
ETag: "89d-5d94be281b6c1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2205

GET
H/1.1 200
OK th1646294807-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
3 KB 134ms
33ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646294807-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 18197854e41c5e9933f4385d1bf312f74c2a137ae4c26db50f7cef461e253fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 08:06:47 GMT
Server: Apache/2.4.52 (Debian)
ETag: "976-5d94be131a77b"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2422

GET
H/1.1 200
OK th1646293807-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 145ms
34ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646293807-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 82df5178bd43b2abdb6acdc77da7e8d5dcf12c5ab192bf7aa1a7d57e95bec235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 07:50:07 GMT
Server: Apache/2.4.52 (Debian)
ETag: "811-5d94ba59567fd"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2065

GET
H/1.1 200
OK th1646342637-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 1 KB
2 KB 146ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646342637-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 0d38b0fffa609e84a2b79651d38ee8262d6d552cdaf276d448fc43df28c4cff6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 21:23:57 GMT
Server: Apache/2.4.52 (Debian)
ETag: "575-5d957041dc676"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1397

GET
H/1.1 200
OK th1646290161-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 146ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646290161-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 23ab8152f996d10c8c4c05221f0fb6085e56c521d0a902c41d9c161b5700a72a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 06:49:21 GMT
Server: Apache/2.4.52 (Debian)
ETag: "619-5d94acc4d8719"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1561

GET
H/1.1 200
OK th1646290075-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 104ms
33ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646290075-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: b5a39beec63314b7359a69eed95be1c4b451c16382a97771e67294595fcf5077

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 06:47:55 GMT
Server: Apache/2.4.52 (Debian)
ETag: "6eb-5d94ac728a262"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1771

GET
H/1.1 200
OK th1646289995-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 80ms
36ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1646289995-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 90e83d96519530127784a65db3eb92ee95bd158719dbd35ed018806b56de291f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Thu, 03 Mar 2022 06:46:36 GMT
Server: Apache/2.4.52 (Debian)
ETag: "7a5-5d94ac2697c84"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1957

GET
H/1.1 200
OK th1644982547-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 80ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1644982547-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 522cbd772dd6a2a70507076c33e4246fabf7f4c88a70a8e3fc91e0140c6b72c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Wed, 16 Feb 2022 03:35:47 GMT
Server: Apache/2.4.52 (Debian)
ETag: "787-5d81a58613517"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1927

GET
H/1.1 200
OK th1635495291-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 80ms
36ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1635495291-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 184117892ec351cdea51c2205e363aeaf465056068966657db4df9793efcf4a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Fri, 29 Oct 2021 08:14:51 GMT
Server: Apache/2.4.52 (Debian)
ETag: "73e-5cf796be4923c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1854

GET
H/1.1 200
OK th1635478855-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 36ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1635478855-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 4ea2ace7a1ded2353ee5adbd79dfd131ebb004e54e932b6f103b43e3bae23499

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Fri, 29 Oct 2021 03:40:55 GMT
Server: Apache/2.4.52 (Debian)
ETag: "839-5cf759837aeb3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2105

GET
H/1.1 200
OK th1632666838-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 33ms
32ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1632666838-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: d8de527623347db0ba4896b7be5665c691780bceac4eade2ecf0724f271479a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Sun, 26 Sep 2021 14:33:58 GMT
Server: Apache/2.4.52 (Debian)
ETag: "703-5cce6def06d34"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1795

GET
H/1.1 200
OK th1643120256-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 34ms
34ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1643120256-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 5a48cecff62315bdba1d15da3d724b9042a536a1384f3696e47428dd3ee2c037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Tue, 25 Jan 2022 14:17:36 GMT
Server: Apache/2.4.52 (Debian)
ETag: "763-5d668bf35f7e1"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1891

GET
H/1.1 200
OK th1638985577-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 34ms
34ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1638985577-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 424476ef90ebe0817a697e5bceb3bb28ae43f6d70237f767bde7c4c858bea55a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Wed, 08 Dec 2021 17:46:17 GMT
Server: Apache/2.4.52 (Debian)
ETag: "710-5d2a611219bd3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1808

GET
H/1.1 200
OK th1630056305-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 36ms
36ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1630056305-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: d6aaab2a83b2ac2e82dd58559ff7d24d0a4fefc67d51ad4ba10df9109c64be0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Fri, 27 Aug 2021 09:25:07 GMT
Server: Apache/2.4.52 (Debian)
ETag: "87c-5ca870f2f8519"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2172

GET
H/1.1 200
OK th1630055963-front-cover.jpg
cover.box3.net/newsimg/dvdmov/ 2 KB
2 KB 35ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/newsimg/dvdmov/th1630055963-front-cover.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/index.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: cf183733b51b59a8928b7a2ab4e19f7bf5bc0137dfa7ae4e2ca2cc68f857fd20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Fri, 27 Aug 2021 09:19:26 GMT
Server: Apache/2.4.52 (Debian)
ETag: "8b2-5ca86fad28767"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2226

GET
H/1.1 200
OK main_back.jpg
cover.box3.net/pics/ 539 B
824 B 59ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/pics/main_back.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/my.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 83abf48ae433cf670ab35054e110c3aeb7cb354a0e3670f8f9f8f33d113522d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/my.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Tue, 07 Sep 2004 08:23:10 GMT
Server: Apache/2.4.52 (Debian)
ETag: "21b-3e37bb5295780"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 539

GET
H/1.1 200
OK main_back2.jpg
cover.box3.net/pics/ 344 B
629 B 60ms
35ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/pics/main_back2.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/my.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 04861d6e075e670da56d904b8952789408e745b887b25fd0e11575d427daca87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/my.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Tue, 07 Sep 2004 11:37:54 GMT
Server: Apache/2.4.52 (Debian)
ETag: "158-3e37e6d950880"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 344

GET
H/1.1 200
OK logo_main.jpg
cover.box3.net/pics/ 4 KB
5 KB 86ms
33ms Image
image/jpeg 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/pics/logo_main.jpg
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/my.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: 9011dfa02d496feb2a5bfc3a84321a44dc4c357d04904ac9f59987a869062dd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/my.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Wed, 07 Jul 2004 11:43:26 GMT
Server: Apache/2.4.52 (Debian)
ETag: "11fc-3de9f4735b380"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4604

GET
H/1.1 200
OK logo_main2.gif
cover.box3.net/pics/ 1 KB
2 KB 86ms
33ms Image
image/gif 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/pics/logo_main2.gif
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/my.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: fe6fa38bdcad0846cb66678fbe4c2d54543c7a883cc46a84d5908bb5c029be06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/my.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Tue, 23 May 2006 14:01:08 GMT
Server: Apache/2.4.52 (Debian)
ETag: "5f0-414750cf5b100"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1520

GET
H/1.1 200
OK covertop_02.gif
cover.box3.net/pics/ 347 B
632 B 95ms
34ms Image
image/gif 88.212.29.3
ANTIK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cover.box3.net/pics/covertop_02.gif
Requested by: Host: cover.box3.net
URL: https://cover.box3.net/my.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.212.29.3 Košice, Slovakia, ASN42841 (ANTIK, SK),
Reverse DNS: nat-88-212-29-3.antik.sk
Software: Apache/2.4.52 (Debian) /
Resource Hash: c5d1851f7882a6a79b8cc8a0432607df50d1ac2e9e617763d4ac2c8c61204a8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/my.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 02:06:06 GMT
Last-Modified: Fri, 09 Jul 2004 10:49:09 GMT
Server: Apache/2.4.52 (Debian)
ETag: "15b-3dec6c0c29340"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 347

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
36ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cover.box3.net
URL: https://cover.box3.net/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 74
date: Fri, 04 Mar 2022 02:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 04 Mar 2022 04:04:52 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 47ms
46ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2144191766&t=pageview&_s=1&dl=https%3A%2F%2Fcover.box3.net%2Findex.php&ul=en-us&de=UTF-8&dt=COVERS.BOX.SK%20-%20high%20quality%20DVD%20%2F%20Blueray%20%2F%20Movie&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1382074720&gjid=1236246215&cid=1777689329.1646359566&tid=UA-3401039-5&_gid=491645737.1646359566&_r=1&_slc=1&z=233201705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cover.box3.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 02:06:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cover.box3.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/ 291 KB
105 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2612646834689859&plah=cover.box3.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9056f089c4c55beff6a4c0fe7a33e08b6eb83b0954952231567660f763fd5fca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107221
x-xss-protection: 0
server: cafe
etag: 13565773829967287199
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 02:06:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/ Frame 1E50 10 KB
5 KB 126ms
40ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 03 Mar 2022 04:18:02 GMT
expires: Thu, 17 Mar 2022 04:18:02 GMT
cache-control: public, max-age=1209600
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
age: 78484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
642 B 135ms
47ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=cover.box3.net&callback=_gfp_s_&client=ca-pub-2612646834689859

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2612646834689859&plah=cover.box3.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e2431940a325aa9239b7f28e9f1fa2123ecbc536ad5be1a5fa58290a330bd6dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
48ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cover.box3.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
45ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cover.box3.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EAE4 70 KB
28 KB 247ms
199ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=600&slotname=3239060328&adk=659777109&adf=2901631502&pi=t.ma~as.3239060328&w=160&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566209&bpp=8&bdt=273&idt=138&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&correlator=2429559766634&frm=20&pv=2&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=216&ady=650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUoRkNnNhB&p=https%3A//cover.box3.net&dtd=157

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4641a74bd87395f98c3f3ab7eeadd01ad6de177fc6d48bd3655dd094a8881184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Mar 2022 02:06:06 GMT
server: cafe
content-length: 28798
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 02:06:06 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7A2 78 KB
29 KB 571ms
542ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=280&slotname=6012589442&adk=2661501742&adf=3100471964&pi=t.ma~as.6012589442&w=660&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566217&bpp=1&bdt=281&idt=165&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HvwCyjOmME&p=https%3A//cover.box3.net&dtd=169

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f88d50072687517cc0e2408b746d43e03a1e06c6a4b775a6fa6dbb46ed160a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Mar 2022 02:06:06 GMT
server: cafe
content-length: 30105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 02:06:06 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8BA0 94 KB
32 KB 392ms
369ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=90&slotname=7130229994&adk=1834998291&adf=3689938709&pi=t.ma~as.7130229994&w=660&lmt=1646359566&rafmt=11&psa=0&format=660x90&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566218&bpp=2&bdt=282&idt=171&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C660x280&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHE3m7YNdZ&p=https%3A//cover.box3.net&dtd=174

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a59e270c2dcd30012ef1e00f2b372c306a08937f8ca59c21f3ce854dd7be7e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Mar 2022 02:06:06 GMT
server: cafe
content-length: 33187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 02:06:06 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1388 222 KB
62 KB 538ms
525ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&adk=1812271804&adf=3025194257&lmt=1646359566&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fcover.box3.net%2Findex.php&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566229&bpp=1&bdt=293&idt=167&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C660x280%2C660x90&nras=1&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=172

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f254f3fc33373058cb660f618926b06f84d4ecbdbcbf2a9c31683d02e6b703

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 04 Mar 2022 02:06:06 GMT
server: cafe
content-length: 63013
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 02:06:06 GMT
cache-control: private

GET
H2 200 15622243453476488046
tpc.googlesyndication.com/daca_images/simgad/ Frame EAE4 65 KB
65 KB 190ms
81ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15622243453476488046

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=600&slotname=3239060328&adk=659777109&adf=2901631502&pi=t.ma~as.3239060328&w=160&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566209&bpp=8&bdt=273&idt=138&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&correlator=2429559766634&frm=20&pv=2&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=216&ady=650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUoRkNnNhB&p=https%3A//cover.box3.net&dtd=157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16673bf02d24dc2c07dca443a4fcb875437b7007da78c320661b7af39e14aa74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 22:51:31 GMT
x-content-type-options: nosniff
age: 11675
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66465
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 07:46:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Mar 2023 22:51:31 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame EAE4 19 KB
8 KB 147ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:25:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame EAE4 2 KB
1 KB 183ms
79ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:36:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EAE4 124 KB
38 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 02:06:06 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame EAE4 15 KB
6 KB 148ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 02:00:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame EAE4 28 KB
12 KB 151ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4b04166b6e23095feb89427b395cff80036ef313d35ca34e3b4d2ca6c5ef32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11811
x-xss-protection: 0
server: cafe
etag: 8908131998612474304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 17 Mar 2022 20:11:46 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EAE4 0
0 85ms
84ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C44aDDnQhYq3pGuHO7_UPnqOv2AOk4dTfaMXum67QD7ia9_WODhABIPDAtgdgleKQgqAHoAHGwf6TA8gBAqgDAcgDyQSqBNABT9DGIhAM1AePR_grIaOz7kDKUa1Jt_EOK8l5wiLuY65G0SJAYAvw-h0FOzhxRknzqiMggp1IyKWGVRMereOorTxUUFfAYnAmyM0Ef66dnQUxqbaZaVz4M4PQnirOiROiDF4N815Z3zbMUtFtMIlW786eWtjzXeOTrf3lA25P303Tptb4QSpcY9S7RPPu3BGjIE19eRNmHgUSyoF0cSIhG8xKIy_EVeYvUv9HtMLyllKZWfF0FGbMzuvPHKNa1Ha0btcDAD9f_E9ZRRV2JT-4FcAEzsG1v_YDkgUECAQYAZIFBAgFGASgBgKAB6K-gWyoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNjEyNjQ2ODM0Njg5ODU5GAA&sigh=jiB-f_rAirI&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=600&slotname=3239060328&adk=659777109&adf=2901631502&pi=t.ma~as.3239060328&w=160&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566209&bpp=8&bdt=273&idt=138&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&correlator=2429559766634&frm=20&pv=2&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=216&ady=650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUoRkNnNhB&p=https%3A//cover.box3.net&dtd=157
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 04 Mar 2022 02:06:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Mar 2022 02:06:06 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FF4 143 B
163 B 40ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=600&slotname=3239060328&adk=659777109&adf=2901631502&pi=t.ma~as.3239060328&w=160&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566209&bpp=8&bdt=273&idt=138&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&correlator=2429559766634&frm=20&pv=2&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=216&ady=650&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=mUoRkNnNhB&p=https%3A//cover.box3.net&dtd=157

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 04 Mar 2022 02:04:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 68
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 2256 247 B
964 B 164ms
53ms Document
text/html 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

31fdd34f52c70d486d0c852bf86aaa35cbfd2def11920af03188d7fb7447b14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-ZWBiQL8YUDGbyCjHRjIlvw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 205
date: Fri, 04 Mar 2022 02:06:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 8BA0 2 KB
1 KB 139ms
52ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=90&slotname=7130229994&adk=1834998291&adf=3689938709&pi=t.ma~as.7130229994&w=660&lmt=1646359566&rafmt=11&psa=0&format=660x90&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566218&bpp=2&bdt=282&idt=171&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C660x280&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHE3m7YNdZ&p=https%3A//cover.box3.net&dtd=174

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 01:20:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 02:06:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 02:06:06 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 8BA0 32 KB
13 KB 82ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed9b4262d2ff6c062498919f5b33aa10d8b66eb940e14e8e439cbeeda5fcf4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6943
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 1410534053808292774
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:10:23 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11950583257619981906/ Frame 8BA0 2 KB
2 KB 74ms
74ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11950583257619981906/downsize_200k_v1?w=128&h=128

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

050852539dc0c7186b0d275e3078a7bd631eb9f4024997a0106dc26565e614fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1735
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 17:43:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Mar 2023 02:06:07 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame 8BA0 19 KB
8 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:25:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 8BA0 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:36:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8BA0 124 KB
38 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 02:06:06 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 8BA0 15 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:37:36 GMT

GET
DATA 200
OK truncated
/ Frame EAE4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbac531ceb8f9d06b7dc4130dc22e559bea25184532a625c1425a12a5bbdbb3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8FF4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
60ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Mar 2022 02:06:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 02:06:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Mar 2022 02:06:06 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe.html Show response
p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 2256 4 KB
2 KB 94ms
47ms Document
text/html 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

33e0f071d15b93f6a6a4e588a0c6a07765ce2558f1bb4ea8a846e278bee4065a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-MAYNgbVOB5pz3pw4r5lLpA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1860
date: Fri, 04 Mar 2022 02:06:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame A7A2 4 KB
619 B 97ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=280&slotname=6012589442&adk=2661501742&adf=3100471964&pi=t.ma~as.6012589442&w=660&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566217&bpp=1&bdt=281&idt=165&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HvwCyjOmME&p=https%3A//cover.box3.net&dtd=169

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 02:05:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 02:06:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8BA0 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjFo7DnQhYvTvGv-Q7_UPvNuz6AKN_evdaKCmiIH4D5CSyePCARABIPDAtgdgleKQgqAHoAGR5KTNAsgBBqkCGLj8xduPsj6oAwHIA8sEqgTQAU_QIw0jQ7_5kiC9125U4Yn2JNOHj6J6ZgtsG84I5AeDARjTOMqffDHs3UYZvCH_qe0WtgXy8oriAA-wHk4wROEeH-qFaB6rSuHWyqkEo7XKMfLa4cv9ovBsz29CsSOaF3CLVK3Z4x7mPXQtNnmQ0mrXPU7-D7oDn0iTWPX2Me2ezsg2oyfJ3ma7Kwiq2XQ4s_xlbt-i8RWJFsAUVpRjJwTj8MEr14nnq30jh9lXIE8m5k51xUSH4TTfqWygODDUuVmpZ784p3vdNCj8UQifkC_ABMmWpYfrA5IFBAgEGAGSBQQIBRgEoAY3gAe3957FAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJr9AtIICQiA4YAQEAEYH4AKAcgLAdgTAtAVAYAXAbIXHAoaCAASFHB1Yi0yNjEyNjQ2ODM0Njg5ODU5GAA&sigh=a54uV0_BuQg&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=90&slotname=7130229994&adk=1834998291&adf=3689938709&pi=t.ma~as.7130229994&w=660&lmt=1646359566&rafmt=11&psa=0&format=660x90&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566218&bpp=2&bdt=282&idt=171&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C660x280&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHE3m7YNdZ&p=https%3A//cover.box3.net&dtd=174
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 04 Mar 2022 02:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9570 143 B
163 B 42ms
41ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=90&slotname=7130229994&adk=1834998291&adf=3689938709&pi=t.ma~as.7130229994&w=660&lmt=1646359566&rafmt=11&psa=0&format=660x90&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566218&bpp=2&bdt=282&idt=171&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C660x280&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=915&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=DHE3m7YNdZ&p=https%3A//cover.box3.net&dtd=174

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 04 Mar 2022 02:04:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 68
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 8BA0 15 KB
16 KB 154ms
36ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&lang=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 18:59:49 GMT
x-content-type-options: nosniff
age: 198378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 18:59:49 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame A7A2 2 KB
904 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:50:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A7A2 0
0 95ms
94ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COfoRDnQhYoP7GuSK7_UP44aewAv6xPDdY-Sq5LTsDbD0lJhDEAEg8MC2B2CV4pCCoAegAefQj4oDyAEJqQJKaRKsb5GyPqgDAcgDywSqBOMBT9BiyWzXqfBNdjZ4oSo9ytBD87j4SlqqB-Var_bPNASXids2J3LYhqZY976bCs8dGTyJd3vuHNQ-tzNyu3YpEARNFOHs_rxokI0YhZXo5hpNATGpSQe5sm9xGXAYWesSHQyErM4YPhzRQ9bM7I1Wq9OQhr28fyd7Dc1Ln10QNVn_PCqgKhEX95IO9MBQSg40p_IcqwzPorttLKNVELc_MaAzr41btSaYPw8oB5zQdKzRe6lb_E66geCS-O4EBKLyCkTm3dGYvBkiLkT2nuHWQ6jkSfAH3Puz-HbaYYkjeSIVFebABPbCqPXLA5IFBAgEGAGSBQQIBRgEoAYugAeBr_B1qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQy58R0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTI2MTI2NDY4MzQ2ODk4NTkYAA&sigh=326E9UQU5-Y&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2612646834689859&output=html&h=280&slotname=6012589442&adk=2661501742&adf=3100471964&pi=t.ma~as.6012589442&w=660&fwrn=4&fwrnh=100&lmt=1646359566&rafmt=1&psa=0&format=660x280&url=https%3A%2F%2Fcover.box3.net%2Findex.php&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1646359566217&bpp=1&bdt=281&idt=165&shv=r20220302&mjsv=m202202280101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2429559766634&frm=20&pv=1&ga_vid=1777689329.1646359566&ga_sid=1646359566&ga_hid=2144191766&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=394&ady=143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531397%2C44750773%2C21066430&oid=2&pvsid=3581939701936144&pem=916&tmod=1125180866&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CapeE%7C&abl=CA&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=HvwCyjOmME&p=https%3A//cover.box3.net&dtd=169
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 04 Mar 2022 02:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame A7A2 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:25:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame A7A2 2 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:36:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7A2 124 KB
38 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame A7A2 15 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:37:36 GMT

GET
H2 200 1983f1322954a331c3caffc9609329fe.js Show response
www.gstatic.com/mysidia/ Frame A7A2 28 KB
12 KB 143ms
41ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1983f1322954a331c3caffc9609329fe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 06:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11765
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 01:32:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 31 May 2022 06:25:05 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17791321846751189640/ Frame A7A2 4 KB
4 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17791321846751189640/downsize_200k_v1?w=200&h=200

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cf384f995c01973bc7d989d70bbea2610ec7aefb4c3434cc7473df36d716bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 23:03:57 GMT
x-content-type-options: nosniff
age: 270130
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4398
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 21:55:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Feb 2023 23:03:57 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11978677748569839347/ Frame A7A2 11 KB
11 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11978677748569839347/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030c4e3248fa3423bbb9fe14597eb57709f01771fcb1ab5a2b60e2a343aadf6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 23:03:53 GMT
x-content-type-options: nosniff
age: 270134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11440
x-xss-protection: 0
last-modified: Mon, 29 Mar 2021 18:08:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 28 Feb 2023 23:03:53 GMT

GET
DATA 200
OK truncated
/ Frame A7A2 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/ 151 KB
54 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202280101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570a8cd6bf08f0f74084758fe0c71d3fa0d52c4d6dbf44cfcf18fc243f95687a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55065
x-xss-protection: 0
server: cafe
etag: 1745213629130049695
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
DATA 200
OK truncated
/ Frame 8BA0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f6df14924c6ba912758e873cd48fd23eded4f48016be2ec89a409f170e91768

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9570
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

56ms
55ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Mar 2022 02:06:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 02:06:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Mar 2022 02:06:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 99ms
49ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cover.box3.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 99ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cover.box3.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame 4611 10 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 03 Mar 2022 04:07:23 GMT
expires: Thu, 17 Mar 2022 04:07:23 GMT
cache-control: public, max-age=1209600
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
age: 79124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/ Frame 6B23 10 KB
4 KB 39ms
38ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Thu, 03 Mar 2022 04:07:23 GMT
expires: Thu, 17 Mar 2022 04:07:23 GMT
cache-control: public, max-age=1209600
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
age: 79124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A7A2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0dc12c7909967516c62f1fa5dbe1469b88f9222733bd94f8d1c427c77fbc1f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A7A2 15 KB
15 KB 84ms
39ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 20:07:55 GMT
x-content-type-options: nosniff
age: 194292
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 20:07:55 GMT

GET
H3 200 nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AD8 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 20:26:01 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame 4611 4 KB
634 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 00:09:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 02:06:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4611 205 B
229 B 95ms
46ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:46:11 GMT
x-content-type-options: nosniff
age: 1196
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 04 Mar 2023 01:46:11 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4611 604 B
628 B 94ms
46ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 17:19:11 GMT
x-content-type-options: nosniff
age: 31616
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 03 Mar 2023 17:19:11 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/elements/html/ Frame 4611 19 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8378
x-xss-protection: 0
server: cafe
etag: 16647736096342315519
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:21:56 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6B23 0
0 166ms
62ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJ8BlGObLp781cy4n1oyUhWxuREyn4jmzJ_Nf3ooJzTqaNe56hbS2PZ18JLgqAP59_4c7lPvVjyt_kJxSDLmQ6QmDpxbMxoQvsOvAStxURRdPtUANBOKco2D2t-7g5LUBL6_2aI2r2aIBMKFY0yLbDf-KOjFq0fxhchFBHv5XSV4T-I4VA440y2ZtBh_pFM59XQi5NkL63Fz0OtZP12O6ZaZH3780rlo7uW_hJ4ExWpToSpqkv9y4yJtv0Yqbb9qXA_0Neb6yy1SeNQLnH0pKDPJzT0eX5T5HF_Uf-rFUhtVIrcAjy3Jarg2icJW6ziTyZh_Epjg-W4jPQOj-d9YSIjZelL_YxdqhX9xnZeNHq2v7Ok3nJj8wA9-x9qLkdEvR1OiPAHPmvHdjP6CJJgEE8WffmHSEhXuc1X23EZsFC7E3tBgnFU0buATYairN6qe_YFiq2K7y9Rzb9JSH9_6W54iHBxH7KFbRdxeyYKFwodvBFzC16E-uS-zye9mwPxb4l-uxDXYTddg1Djy9XMQYvEehl26Y7F2bxTWhuvYHK6Cr1BBrIt1pfVjHN7LrK_j07wboCdSEP_p5ApClpny_3BUshKMVxzNrD_SMcG-fNagSgVz3fRi4aCEWVOGggspGoDgzPi3Pq9wR8FI-q8bZvrEVUGI4PthU4RmgM7YtGlrF5AwoqSiGGXJSvrV6C60CS-n8ugV703THp3s7IXBz-9xaICzSUsPjA3h7t_6YRY8dSryIQLHiSEGpnwSlEn-Y63swcnftCvYoFw5xmSDd0ezJxs0G0mo-qPCM-CrJW342eXBN7j8_FYoga0RwSGDUc6FbZoKddQwhmsYAK3nTMu-RJW17KXX7_c-Kz3TwNUwG6YW5ApPH_tfgyq6fsdmqTcqQ_7rn089oBZ6-VQihaWKKeiPYFfayzQE2pmBZGA6mgUvUxkeTTNpPWym669Z8LB2_0OkC3FjrzncBP_HNReMqTVyQijZDcA8dv4Ijsca_6&sai=AMfl-YTKRTUPnlFUjsnuMBqcIoKIu2ffodxTX3FVntU0yWHWJzySxH0yMDcjnQ&sig=Cg0ArKJSzOLgNVEQFggXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: cover.box3.net
URL: https://cover.box3.net/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 04 Mar 2022 02:06:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6B23 41 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cover.box3.net
URL: https://cover.box3.net/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 16:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Mar 2023 16:09:15 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 6B23 32 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed9b4262d2ff6c062498919f5b33aa10d8b66eb940e14e8e439cbeeda5fcf4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:10:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6944
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13100
x-xss-protection: 0
server: cafe
etag: 1410534053808292774
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:10:23 GMT

GET
H2 200 6203344233233535073
s0.2mdn.net/simgad/ Frame 6B23 12 KB
13 KB 174ms
38ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6203344233233535073

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f2f49549fbb5721574523e7861740eac3ce89da67816caeac20aa96ff84ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 06:27:00 GMT
x-content-type-options: nosniff
age: 502747
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12298
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 22:12:28 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 26 Feb 2023 06:27:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 6B23 2 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:36:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B23 124 KB
38 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 6B23 15 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:37:36 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame 6B23 19 KB
8 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:25:18 GMT

GET
H3 200 nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 31A0 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 20:26:01 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4525 8 KB
892 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 02:04:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 02:06:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 4525 2 KB
904 B 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:50:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 965
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:50:02 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/ Frame 4525 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 01:25:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2449
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7872
x-xss-protection: 0
server: cafe
etag: 15461303091586157378
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 01:25:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 4525 2 KB
1 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5352
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:36:55 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4525 124 KB
38 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38860
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646224922100600"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/ Frame 4525 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220301/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 00:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6417
x-xss-protection: 0
server: cafe
etag: 10598556267281433416
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Mar 2022 00:37:36 GMT

GET
H3 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 4525 28 KB
12 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 10:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 10:04:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 10:13:30 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5F37 22 KB
8 KB 37ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Mar 2022 16:09:16 GMT
expires: Fri, 03 Mar 2023 16:09:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 35811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6B23 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ed660a598bae01981adf6a51f58f7d495f5484f62cbadfb118736e4daa311bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AD0 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 20:26:01 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEB7 143 B
163 B 39ms
39ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 04 Mar 2022 02:04:58 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 69
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F37 35 KB
13 KB 39ms
36ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 20:26:01 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 103ms
56ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220302&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af99553c6a9614ee2f476fea82aead45004414ec8c22630582bb655e12a495f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10491
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FEB7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

66ms
66ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220302/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Mar 2022 02:06:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Mar 2022 02:06:07 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 04 Mar 2022 02:06:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame D2D8 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/nqw9n8Q7ZgUQXaeEyqlQgfSoiWvYVLzKil4oLL1-OrQ.js

Requested by

Host: cover.box3.net
URL: https://cover.box3.net/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 20:26:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13737
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 20:26:01 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 02:06:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C542 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Mar 2022 23:25:04 GMT
expires: Fri, 03 Mar 2023 23:25:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 9663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FA05 783 B
533 B 49ms
49ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a51274c710a4c0dc84dfe33eb2581624e48a92babe7ba927ac527868e477445

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-le0e6nEV/DFSucnqbZ8/Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 04 Mar 2022 02:06:07 GMT
date: Fri, 04 Mar 2022 02:06:07 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-le0e6nEV/DFSucnqbZ8/Ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F37 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWUbcDnQhYt7vGr-K7_UP1N-ugAMAAAAAOAHgBAI&bg=!CAulC0_NAAYFuXAgBbk7ACkAdvg8Wof8Rgv3uCxuVYacL0nJ990oPd_NQXRi_H31nZe5UU-UIPtSFQIAAACfUgAAAANoAQcKAJrZTzOKxVeaQZPe9CZJ2l9vBp4XT19uTcuX7iN7lmqco0Lmae8rNan6Sphyw873UxGAo1WD5nOjZrNHwljCe9yftoM0hz6A-xAg-RxBTwKa5DPaHQn39z6BxyJPftPNV2B7asETIN8evfKMjhz9DUN30hM7AmeBO2iDdWKyR9PlxlsuwpugPua-mW9geof-3bTDNLDs2XjzIiYbmQLTyV94eikk0ecwOxVT-oMy1JgTHorrOTRchC9t_6r60gLG8C21jBMOKLpMKksyJcQD2ksUp8ApLNVJN94DZvMNmAA_angrBwGbXVzp4YneSUalPy8X8qfeyoXQoM1Bb0NE2SQJO7jOKgNrAP2fbq2Y0ZP4hL5s-uBtrItteGH2aCG0DNlHEwapbEum5ynp8wzoRd2Y4_0HkG__cyvR9gRpEZCzJgAsXbTHJmww0Za8ZpZghRxCrKxtma3ooRgV__ZGEtVQS2dOzXnk6eeonnL1YJvorf2XXE6q7q6rI1yVjJSxm4phNlYNZs0Icv7QeZYYDb-7U8tfyxcrqrLQBZNdGdtC0R3bodJveHgJvj_qFun_i-8Zxq3lYqsvqrl0ExyMgBanl4VrRNauVVYRo_VYuWfswk9vhOrm4gW0FSVJGkzcbMT94DuKx8NYe70AbKUJveG-b8mDZ-4NLDG5iHjuuqNwp2FulS2BCEJ8tf4AlYIc72rSkNd0f0jFnWQV81sP5jWnaeIdCbC07-8DvGuHE8MPGTT3Jxdj-3s3dYQdNx91onQOP9dbWwihZKprL8vYLp8GYfa3pgoydJ-jdvHSWzfDr0ERyMUclEXVVMNciiB6CjbhsT2jnWFd0k9ZaMIboSrMcOZJ9mblKc-86uNoZGGkJltoN2CXcljwGz-aTigdoxrdf94DyN6B_oVdRAto8KBVTQ6NHGe0ZNt-kiRhDPGkUPlVLJDZex-7YY9VQ_vzz2fCO0fsa31F49KsM5fkaEu1G27T5SU_ZGmYc5wy-yUxqV2OGSuuvVvq1j1qIg6rJ47iu1kjk_wdTgqNEMdqDxSmPdLaMo6gRFM_6E3hDV_lQ4eTTYCMFKnPlHNp2190QisOW4MvG_4MR9ThstP91D_Nsa91fqiCr1Q3sMQj0gQ1gDJeh_CasO6OnaAQsnfuiWNdIyOhw1et2x-6pupebFKg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 02:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame C542 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 21:00:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 21:00:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FA05 0
0 55ms
55ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220302&jk=3581939701936144&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EAE4 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumx4N8GtUuJU658y_Mn_FTDhbzTaeXb9Qu4sfGHe5Lt2veSWNQe1QmgPhlD3oYzEvPObhPjrF_3EX4R0f1um5JOIZI7J0Oog2YAHn5FfH17jJ8IfiwtA&sai=AMfl-YTgTICLYSHxY5eoArvSNGwItE3HbVUx7_zZmN-Ajw-OOLrCQCAqVa147uhdHlMzh3zxhxhORdsBZYwe&sig=Cg0ArKJSzH4Yl0cy_BkCEAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&app=0&itpl=4&adk=659777109&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646359566368&rpt=496&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 02:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C542 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8eSxWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 02:06:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8BA0 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsts1rki9UHdhI_CfzyEYCYywRuPCkyMqnBXjLYDq-pl_phvmhlHdK-gdFMyMnuN_XjS-LTZ_gOftFHY7fPjmJITyrEMBWT4wazc8o4AWYeBfo0Jpgv1pw&sai=AMfl-YSZUtaWfqYz5j6WnDSMK1pDEhaYKRIbSaUokGNhIaYK1iJkVhwrS0kQDd4aTQPotj0QDUt2ocU6Lqdy&sig=Cg0ArKJSzNx-EcBjRYFMEAE&id=lidar2&mcvt=1000&p=0,0,180,660&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&app=0&itpl=14&adk=1834998291&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646359566393&rpt=659&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 02:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A7A2 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssgAtK-ZRjCSbh3ZEYitEtDLOitHdc0gMuC6ExgVHoXPMa9IPGIWVxa3k0dd-MwviTcKO63skrmDh-QL45wCbS23qkLQT-grE7FJ56ZceUgc2-5ZA-k_Q&sai=AMfl-YTCeq6T9BRh40BjdIdDlWyhn6q6oB4QbpjPSb2vwQQgfurzQHMB8TKPwjDUX7kvMvq92c4RGOExGIr-&sig=Cg0ArKJSzGtyJn7n5_IzEAE&id=lidar2&mcvt=1001&p=0,0,280,660&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2661501742&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646359566387&rpt=949&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 02:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220302&jk=3581939701936144&bg=!DwylDEjNAAb7UztL-1M7ACkAdvg8WpzyEAXQXteN3EEEoRACjnE4KiYcmSCnVgCjSafF1yWtGXC8twIAAABXUgAAAANoAQcKALdhGZI7k60RJFMAyE6ww717CLgoEbKcxGZGQ_4i1GAVeciAt6EPbr-GGsGFY4aRASN4KiXvi7bu1vrqlRrBctGfAtOmNcENMRzTmPfki_3Zw3-M-Sb9DbEDU2gDP06RBYYfr6VuswW9J-UQtpg60CeRcCwNwLntdhmafkNbb9SVbYJvkeQumas4FBJCrjsuSOXw2shU3GBBVv0AEJl7BmNjJ7I1a_0sy_XZl35aO9DMoE5UCe9YiOGZApoNiOizU1M1eAPZHB97Smz2EqDGbZKZ9pzEo87nMjq_wyKSYWm2-9Kz789FI-tTEzOQ1dj_OiNrzJ2VCPyaNZxev9sc1Pd_6XtYcw_YxDJvsFC8ey1woaSMr8uZIo6S8Xkm0Xa3hu0NSQ39yTEzt9uTevlPT2yhANX-_dQ7t3bwEJgMlvgai_CoGTzhnd5U20Ehz7h6GUwPOlOYXUYhoXG1KfxKQaLrOdgvye3Z8_NpsayRYZtBJkLxeJZ2XyeBftWvn7x0fl5Z3W0XKjsUdn0LtlTiqX-gKkO1BcUW5PUOA7s-eX22fVocRCID6J0lYpm-KukvlhupQyBO3iuTH5twgRIXhbQj-aSOwWl_eW3ykFJ1YHZLB9h5Teh9W2oKKL4jXf-CdX-zyu1Vlj4hfAOUe_-P4OljN1FRcpRjSh3_OimfsHYJwi_E8fK3lSOKW9WJQvwR_lRhM_zbBUvtLkYQ4Tv2sCuLwWU7Lu2wj8zjh9RgSguJ34fnaGxowwz8z-ZCjxxK3T138appFI1gLjIu-WvFoqRrpY5fpCTLwrcestqEL2SbXL_Ltce5eA5iPRbWOOD5jatvylGuayiXvAYfQrYgHn4Ho3nutbrP6VKb4QPOTWMmGFaeLuK0kMjyAFnSdN25ds28G8-Nb6CQgCVhsgP59jU45dTDer21NJQ0Ym3C1qFdgQsfCCGHziIWwxQDgRJrgaOxoje1tktsjLI1BFjIw_opD3FsGczy7MY7wUWArep8ButGKD5kZr0UhAABRffn3HOGhmv8d_kVPjeN6tX-0T5074nnLySeo-xG_sRQuH61LZwCwu6gLNbt9op4h-a0nSXnDAy_CbYaxc_tFu3aITHBU5XdKUmlr7bOQP3ChwlxaqvOulI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cover.box3.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 02:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B23 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjA8EEgKcWgqURjvuTsE5CUqbwsw62OCjUoujxpVrLc7Sh0g0QbiCbLwOuKC2UypCIU7wAF78YTGmR4ZKTPwbjfrARuiK-R2DYDT0BjmNc92aV_XpQKRJPn8pb-PjqwdKuOWbgCar-So2AlawjvKbW4E6EHJuIYFGGW_9PDtSIjg&sai=AMfl-YQ-KAer2oxQxto7T26mCuL1WDGQIfD9ylsH6zCeRzbm7LFIad0L9aHiuN_7RAHLtbGQKUdw5B0o98GE&sig=Cg0ArKJSzJidW-iRoDwqEAE&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=0,780,1000,1160,1160&tos=0,780,220,160,0&v=20220302&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646359567143&rpt=262&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 02:06:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cover.box3.net/	1969-12-31 23:59:59	Name: easydat Value: 1646359565
.box3.net/	1970-01-20 18:50:31	Name: _ga Value: GA1.2.1777689329.1646359566
.box3.net/	1970-01-20 01:20:45	Name: _gid Value: GA1.2.491645737.1646359566
.box3.net/	1970-01-20 01:19:19	Name: _gat Value: 1
.box3.net/	1970-01-20 10:40:55	Name: __gads Value: ID=d07c855893cc4135-22ce5d6953cd0041:T=1646359566:RT=1646359566:S=ALNI_MbY5AmOeTS4uBhiKby1cFhSEwtE6w
.doubleclick.net/	1970-01-20 10:40:55	Name: IDE Value: AHWqTUkNXM7HlPjhppQKYk89W2mi5RbKN9Y61vRD4Mm08tMjSWnjtn0xPIHc3UcsSjc
.doubleclick.net/	1970-01-20 01:19:23	Name: DSID Value: NO_DATA

32 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646299422-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646294829-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646294807-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646293807-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646342637-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646290161-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646290075-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646289995-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1644982547-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1635495291-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1635478855-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1632666838-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1643120256-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1638985577-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1630056305-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1630055963-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 156) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646299422-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 156) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646294829-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 156) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646294807-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 156) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646293807-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 168) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646342637-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 168) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646290161-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646290075-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1646289995-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1644982547-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1635495291-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1635478855-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1632666838-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1643120256-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 180) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1638985577-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 309) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1630056305-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://cover.box3.net/index.php(Line 309) Message: Mixed Content: The page at 'https://cover.box3.net/index.php' was loaded over HTTPS, but requested an insecure element 'http://cover.box3.net/newsimg/dvdmov/th1630055963-front-cover.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cover.box3.net
covers.box3.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
p4-fvyzqhgdvu72k-pgt2ut47hyagldsh-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.186.66
142.250.186.67
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
88.212.29.3
030c4e3248fa3423bbb9fe14597eb57709f01771fcb1ab5a2b60e2a343aadf6f
04861d6e075e670da56d904b8952789408e745b887b25fd0e11575d427daca87
050852539dc0c7186b0d275e3078a7bd631eb9f4024997a0106dc26565e614fc
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0cf384f995c01973bc7d989d70bbea2610ec7aefb4c3434cc7473df36d716bbd
0d38b0fffa609e84a2b79651d38ee8262d6d552cdaf276d448fc43df28c4cff6
0dc12c7909967516c62f1fa5dbe1469b88f9222733bd94f8d1c427c77fbc1f55
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ed660a598bae01981adf6a51f58f7d495f5484f62cbadfb118736e4daa311bb
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15111ec003884a1081261bed747e563999872f0ed00d8253e155992189a0f25c
16673bf02d24dc2c07dca443a4fcb875437b7007da78c320661b7af39e14aa74
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18197854e41c5e9933f4385d1bf312f74c2a137ae4c26db50f7cef461e253fe7
184117892ec351cdea51c2205e363aeaf465056068966657db4df9793efcf4a2
1af99553c6a9614ee2f476fea82aead45004414ec8c22630582bb655e12a495f
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
23ab8152f996d10c8c4c05221f0fb6085e56c521d0a902c41d9c161b5700a72a
31fdd34f52c70d486d0c852bf86aaa35cbfd2def11920af03188d7fb7447b14c
33e0f071d15b93f6a6a4e588a0c6a07765ce2558f1bb4ea8a846e278bee4065a
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
424476ef90ebe0817a697e5bceb3bb28ae43f6d70237f767bde7c4c858bea55a
42e5e65ae9b6a0d95ecb7e01b3a0f9ab3f34e4dd785d6a5290279b44574f9c51
45e394a76ea282a012520e69a90f9d18ae4fd1077e8bac475b7f1258ed49b29b
4641a74bd87395f98c3f3ab7eeadd01ad6de177fc6d48bd3655dd094a8881184
4a59e270c2dcd30012ef1e00f2b372c306a08937f8ca59c21f3ce854dd7be7e7
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4ea2ace7a1ded2353ee5adbd79dfd131ebb004e54e932b6f103b43e3bae23499
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
522cbd772dd6a2a70507076c33e4246fabf7f4c88a70a8e3fc91e0140c6b72c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570a8cd6bf08f0f74084758fe0c71d3fa0d52c4d6dbf44cfcf18fc243f95687a
5a48cecff62315bdba1d15da3d724b9042a536a1384f3696e47428dd3ee2c037
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6ded445534230fe3d1274bd48ed100b17ea890a65d5c0250172369a5b522f3ba
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a51274c710a4c0dc84dfe33eb2581624e48a92babe7ba927ac527868e477445
7e467a852274fd7613b82065c6c7bf66198fe3a8629d1a40ad9a58ea69dc0dc4
7f6df14924c6ba912758e873cd48fd23eded4f48016be2ec89a409f170e91768
82df5178bd43b2abdb6acdc77da7e8d5dcf12c5ab192bf7aa1a7d57e95bec235
83abf48ae433cf670ab35054e110c3aeb7cb354a0e3670f8f9f8f33d113522d6
89d44cd7fa51c7804f5e43ed9eb6d80920d2390331703a749e2eac4751d2d762
8aed12b8b95a1d49011f3e134dc8e71804a3576818d1d1334145aaa96d71aa5e
9011dfa02d496feb2a5bfc3a84321a44dc4c357d04904ac9f59987a869062dd7
9056f089c4c55beff6a4c0fe7a33e08b6eb83b0954952231567660f763fd5fca
90e83d96519530127784a65db3eb92ee95bd158719dbd35ed018806b56de291f
9eac3d9fc43b6605105da784caa95081f4a8896bd854bcca8a5e282cbd7e3ab4
a02a569f5573bd082ad90d16774540fe529f759d5ed4f94c779c67e1720c4051
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25197dc637fcb41e8d3133cfed0573116c8a1618922454e6c13833754a161e5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f2f49549fbb5721574523e7861740eac3ce89da67816caeac20aa96ff84ee9
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b5a39beec63314b7359a69eed95be1c4b451c16382a97771e67294595fcf5077
b6f254f3fc33373058cb660f618926b06f84d4ecbdbcbf2a9c31683d02e6b703
bed9b4262d2ff6c062498919f5b33aa10d8b66eb940e14e8e439cbeeda5fcf4f
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
c5d1851f7882a6a79b8cc8a0432607df50d1ac2e9e617763d4ac2c8c61204a8e
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf183733b51b59a8928b7a2ab4e19f7bf5bc0137dfa7ae4e2ca2cc68f857fd20
d054377044014c1069958d9c610330164f05edbf091b2be9b6be60dc4f043494
d67c6a30bbb9f841e5fc883687b07ecbd33f0292c148b0b6edf499de0e742a6b
d6aaab2a83b2ac2e82dd58559ff7d24d0a4fefc67d51ad4ba10df9109c64be0b
d8de527623347db0ba4896b7be5665c691780bceac4eade2ecf0724f271479a3
dbac531ceb8f9d06b7dc4130dc22e559bea25184532a625c1425a12a5bbdbb3b
e2431940a325aa9239b7f28e9f1fa2123ecbc536ad5be1a5fa58290a330bd6dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2bd1967455d002cfe26a5d61cffe7a69c2981d1354ae4fdf930aaa329ee433a
f4b04166b6e23095feb89427b395cff80036ef313d35ca34e3b4d2ca6c5ef32d
f88d50072687517cc0e2408b746d43e03a1e06c6a4b775a6fa6dbb46ed160a10
fe6fa38bdcad0846cb66678fbe4c2d54543c7a883cc46a84d5908bb5c029be06

cover.box3.net Open in urlscan Pro 88.212.29.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

114 Requests

100 %HTTPS

73 %IPv6

11 Domains

17 Subdomains

16 IPs

3 Countries

1050 kBTransfer

2656 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cover.box3.net Open in urlscan Pro
88.212.29.3 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

17
Subdomains

16
IPs

3
Countries

1050 kB
Transfer

2656 kB
Size

7
Cookies

114 HTTP transactions
5 data transactions