scanurl.net Open in urlscan Pro
104.193.110.123 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://scanurl.net/
Submission: On October 07 via manual (October 7th 2022, 10:43:21 am UTC) from RO — Scanned from DE

Summary HTTP 135 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 27 domains to perform 135 HTTP transactions. The main IP is 104.193.110.123, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is scanurl.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on September 23rd 2022. Valid for: 3 months.

This is the only time scanurl.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	104.193.110.123 104.193.110.123	63410 (PRIVATESY...) (PRIVATESYSTEMS)
5	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
20	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	142.250.186.142 142.250.186.142	15169 (GOOGLE) (GOOGLE)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
16	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
24	172.217.16.193 172.217.16.193	15169 (GOOGLE) (GOOGLE)
8	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
12	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
6	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
1	34.95.89.54 34.95.89.54	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
12	172.67.74.129 172.67.74.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
1	91.228.74.251 91.228.74.251	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	3.11.254.218 3.11.254.218	16509 (AMAZON-02) (AMAZON-02)
1	104.26.7.27 104.26.7.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.10.209 104.26.10.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	23.203.81.208 23.203.81.208	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	104.18.126.5 104.18.126.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.169.7.120 18.169.7.120	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.98 18.66.147.98	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.59 18.66.147.59	16509 (AMAZON-02) (AMAZON-02)
2	18.134.23.117 18.134.23.117	() ()
135	29

3 104.193.110.123 (United States)

ASN63410 (PRIVATESYSTEMS, US)
PTR: host.onlinelinkscan.com

scanurl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.6 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.89.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.89.95.34.bc.googleusercontent.com

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.164 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.251 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.254.218 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-254-218.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.7.27 (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.10.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.203.81.208 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-81-208.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.126.5 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.7.120 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-7-120.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-98.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-59.fra60.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.134.23.117 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 170	510 KB
19	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 390 cm.g.doubleclick.net — Cisco Umbrella Rank: 304	151 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 25287 ad4m.at — Cisco Umbrella Rank: 8491 assets.ad4m.at — Cisco Umbrella Rank: 32877	730 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	121 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 136 www.google.com — Cisco Umbrella Rank: 19	2 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	97 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 228	221 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	4 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 20711 api.webgains.io	31 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5221	1 KB
3	scanurl.net scanurl.net	24 KB
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 15064	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 703	2 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 112563 static-de.ad4mat.net — Cisco Umbrella Rank: 165577	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94	20 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 55047	85 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 39142	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 63758	654 B
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 20790	696 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 58701	518 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2279	297 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 493	461 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 915	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 2302	352 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1504	464 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1003	644 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
135	27

	Domain	Requested by
24	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
20	pagead2.googlesyndication.com	scanurl.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net scanurl.net
12	www.gstatic.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	s0.2mdn.net	googleads.g.doubleclick.net s0.2mdn.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	scanurl.net googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	scanurl.net	scanurl.net
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	www.google-analytics.com	scanurl.net www.google-analytics.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	www.zenaps.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	scanurl.net
1	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
135	36

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.stopbadware.org
www.phishtank.com

Subject Issuer	Validity	Valid
scanurl.net cPanel, Inc. Certification Authority	`2022-09-23` - `2022-12-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-08-16` - `2022-11-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://scanurl.net/
Frame ID: 6E7B7D0FA38AEAEF41B045755E50D52A
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
Frame ID: 2E51528BC083F3FBE3C8A894FE659C9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&adk=1812271804&adf=3025194257&lmt=1665139395&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fscanurl.net%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395304&bpp=8&bdt=773&idt=112&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8267815838484&frm=20&pv=2&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=129
Frame ID: 352F3D483579EB73E502B588F448A31B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=250&slotname=9049922196&adk=300508382&adf=1934854494&pi=t.ma~as.9049922196&w=300&lmt=1665139395&format=300x250&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395312&bpp=2&bdt=780&idt=126&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=665&ady=387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yd0esxzRG5&p=https%3A//scanurl.net&dtd=133
Frame ID: B894E81CE5F0C96703AE648E4A0EF30A
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=60&slotname=8361068198&adk=3421289187&adf=4021755624&pi=t.ma~as.8361068198&w=468&lmt=1665139395&format=468x60&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395314&bpp=1&bdt=782&idt=135&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=761&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9PaCi9ZMuR&p=https%3A//scanurl.net&dtd=139
Frame ID: CE1BCC1BAC57148A27C36CCE225275EE
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=280&adk=196531977&adf=1653495995&pi=t.aa~a.3974924148~i.3~rp.4&w=819&fwrn=4&fwrnh=100&lmt=1665139396&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9519448499&ad_type=text_image&format=819x280&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rh=200&rw=818&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=2&bdt=1676&idt=-M&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60&nras=2&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=389&ady=1607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FRFRfViDXP&p=https%3A//scanurl.net&dtd=12
Frame ID: FD68C69DA6C662466D659D3CAAD0CA8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18
Frame ID: F885B8E1CEFE9CD0346A27BF0145DC6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2022B94E1F168DEA9B11025262D94CA9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Frame ID: FAA100297AB2355E05CE8EF1EA16E950
Requests: 17 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019
Frame ID: C2E6EF1A429AA85642B0CBCE1E7671DB
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A66EF26FEEE4DC2F4ECE57D5E91A6E76
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C2zPHxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEvQFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkNlYzFPuVKaoqAWZlgGNRqhWHvLHkFQbA_mkVjGf1z6kiHrTHXeyABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODQ2MTg2NzUxMjc1OTE2NhgA&sigh=_jakPOM9ZFc&uach_m=[UACH]&cid=CAQSOwCsnQUxtOAYIN7qQeGFyGfXQfHXbZ1UfZTvQtzB7LSqfuLIv9oUrhfT9zlwDH0aXjGK0mgI_JA_ElcVGAEgEw
Frame ID: 742A9DEE2AA9FBACDCC3E1E1F1AA22D2
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ga2833rf8avqtbr3d0kk88249v14mbr2q5jv3810phg83csbmeackwrja2ss4jyxc5tbd0vxkj880xn61x7v6jr1n0z32jnswt3e8c6p104st4p3pn8v40rsvacr645q710rs95cxc8p0hfngehfef8sgzda27nr8adnzr4ff8bs9j14fcywz7w95ms9g46m36b4qjpj21r3ek40rc84e8jxkaktz6qyzk9gmgbb313qjvj552hzfq8thz07cw39640em25xt09ass3t110z13hx02d5te4qvtwdvds2bxmk7anww1pc0zft4yz7dv7tw380sctnwn9q2dxr5r3c192y4vv4bn6mcqd6pc6waj7a3hq1az1frg28xp54y2ywft4njv6kss9jqs8jx8wmfrzncw7gv1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%26client%3Dca-pub-8461867512759166%26adurl%3D
Frame ID: E8B07E8B3043A06062B9FAE22D0E89D8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EA20624C59AE4CB8801AE7E77333DA8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 74332857CB83B69B4E7ADC36D95F9D55
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AEBACA1AEF005FD77936B208A960A07C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html
Frame ID: FC614F3340C44D18AEEF6A94B8254BDC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: E2D6F96948C1CFFE88096D3586EB7735
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: 8AEB523A8C87637664E4AC4329E8BF24
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Frame ID: 152E19E1B63634C501E9116E053EF02D
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: BBDB6D48C7116A5338BD49275A6CB4DE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E3193B6AB2CA206A213DD79042757468
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4150BC54C25AE10C6BAFB1B53091D25E
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Frame ID: D02030C842D25D7DE9938E801EBE9AFD
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Website/URL/Link Scanner Safety Check for Phishing, Malware, Viruses - ScanURL.net

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

135
Requests

96 %
HTTPS

0 %
IPv6

27
Domains

36
Subdomains

29
IPs

5
Countries

2007 kB
Transfer

4129 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/safebrowsing/report_phish/?continue=http%3A%2F%2Fwww.google.com%2Ftools%2Ffirefox%2Ftoolbar%2FFT2%2Fintl%2Fen%2Fsubmit_success.html
Title: Report a phishing URL

Search URL Search Domain Scan URL

URL: https://www.google.com/safebrowsing/report_error/?continue=http%3A%2F%2Fwww.google.com%2Ftools%2Ffirefox%2Ftoolbar%2FFT2%2Fintl%2Fen%2Fsubmit_success.html
Title: on their phishing list in error

Search URL Search Domain Scan URL

URL: https://www.google.com/safebrowsing/report_badware/
Title: Report malware

Search URL Search Domain Scan URL

URL: http://www.stopbadware.org/home/reviewinfo
Title: on their malware list in error

Search URL Search Domain Scan URL

URL: http://www.phishtank.com/faq.php#whydoihavetoregister
Title: Report a suspected phishing URL

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 89

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFgYrCB4Kfuai9P1F762q-g&google_cver=1&google_push=AZmPxg9RYI7mnvr2CRzeVKRzNw-sCV4LHq-uXjGqyYLRCWQ2Tny_EJTGN3VhPS9zl-2FZxRUUoI-O7ivq4nKTvDEpXumOc1rdOSQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZRDA1S0ktMUQtOVQ0Wg==&google_push=AZmPxg9RYI7mnvr2CRzeVKRzNw-sCV4LHq-uXjGqyYLRCWQ2Tny_EJTGN3VhPS9zl-2FZxRUUoI-O7ivq4nKTvDEpXumOc1rdOSQ

Request Chain 90

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_cver=1&google_push=AZmPxg_MJMgfKttZN9do5gU7kgC1RVDo2dL3HcNquiAVi_W_0G_fqwG61gFw9kdkeYSeSN1SzaZ8scyEQ-p-tiVi7ZGDSi2SWMsn HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_push=AZmPxg_MJMgfKttZN9do5gU7kgC1RVDo2dL3HcNquiAVi_W_0G_fqwG61gFw9kdkeYSeSN1SzaZ8scyEQ-p-tiVi7ZGDSi2SWMsn&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_hm=Y0ACxQfRvRGLZTHe0y0u8QAABKUAAAAB&google_nid=index&google_push=AZmPxg_MJMgfKttZN9do5gU7kgC1RVDo2dL3HcNquiAVi_W_0G_fqwG61gFw9kdkeYSeSN1SzaZ8scyEQ-p-tiVi7ZGDSi2SWMsn

Request Chain 95

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 125

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1665139399_db86e6f0-462c-11ed-a733-2235c9b4021a

Request Chain 130

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=db8400c0-462c-11ed-b2b2-2232e0b3d466&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1665139399_db8400c0-462c-11ed-b2b2-2232e0b3d466&insert=AW&&gdpr=0&gdpr_consent=

135 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
scanurl.net/ 17 KB
6 KB 540ms
320ms Document
text/html 104.193.110.123
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://scanurl.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.193.110.123 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.onlinelinkscan.com
Software: Apache /
Resource Hash: e5e5c85497f1eacdeecc3bf982cb75bf5a4535906157e1896cb0044c4144e577

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 5706
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Oct 2022 10:43:14 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
P3P: CP="NOI NID CURa ADMa DEVa OUR IND NAV" , policyref="/w3c/p3p.xml"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 368ms
26ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:b,n

Requested by

Host: scanurl.net
URL: https://scanurl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 10:43:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 10:43:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 10:43:14 GMT

GET
H/1.1 200
OK cssss.css
scanurl.net/ 9 KB
2 KB 105ms
105ms Stylesheet
text/css 104.193.110.123
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://scanurl.net/cssss.css
Requested by: Host: scanurl.net
URL: https://scanurl.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.193.110.123 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.onlinelinkscan.com
Software: Apache /
Resource Hash: a22f68901d9b1c24d067ee7bc03e726f65efb7da1547a0d5da5ed212dc30a60b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 10:43:14 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 May 2017 08:27:22 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=14400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1913
Expires: Fri, 07 Oct 2022 14:43:14 GMT

GET
H/1.1 200
OK sun-logo-1.jpg
scanurl.net/images/ 15 KB
15 KB 105ms
104ms Image
image/jpeg 104.193.110.123
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scanurl.net/images/sun-logo-1.jpg
Requested by: Host: scanurl.net
URL: https://scanurl.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.193.110.123 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: host.onlinelinkscan.com
Software: Apache /
Resource Hash: edf297b6b68e2f6f35e31793aaa4efe7786f7658039718249f5c0f43ae78cd67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Fri, 07 Oct 2022 10:43:14 GMT
Last-Modified: Thu, 16 Mar 2017 14:42:41 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 15371
Expires: Sat, 08 Oct 2022 10:43:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 388ms
43ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8461867512759166

Requested by

Host: scanurl.net
URL: https://scanurl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

73f7254d9165529ff0900751efcf8322b97f2819bdf3ceeb101e497210150e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Origin: https://scanurl.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54490
x-xss-protection: 0
server: cafe
etag: 4750352565390345626
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 10:43:15 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 162 KB
54 KB 402ms
68ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: scanurl.net
URL: https://scanurl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

564fbb1b1d49025b23a4d77a8543176cf55d547a4d21b46bed567af3a4f0b85f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54647
x-xss-protection: 0
server: cafe
etag: 13027152623775641090
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 10:43:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 355ms
13ms Script
text/javascript 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: scanurl.net
URL: https://scanurl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 09:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5238
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 07 Oct 2022 11:15:57 GMT

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 385ms
23ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:b,n

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://scanurl.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 16:55:16 GMT
x-content-type-options: nosniff
age: 150479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 16:55:16 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/ 351 KB
116 KB 63ms
63ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8461867512759166&plah=scanurl.net&bust=31070102

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8461867512759166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1c1fcf9728b691ac7400d08dc2010ebb5a57031c71ef3acee1b93122d2579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118073
x-xss-protection: 0
server: cafe
etag: 15356778761713125731
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 10:43:15 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/ Frame 2E51 10 KB
5 KB 394ms
23ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8461867512759166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 09:24:44 GMT
etag: 9671129459699598864
expires: Fri, 21 Oct 2022 09:24:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 21ms
20ms XHR
text/plain 142.250.186.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=733147286&t=pageview&_s=1&dl=https%3A%2F%2Fscanurl.net%2F&ul=en-us&de=UTF-8&dt=Website%2FURL%2FLink%20Scanner%20Safety%20Check%20for%20Phishing%2C%20Malware%2C%20Viruses%20-%20ScanURL.net&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=15814684&gjid=2012932281&cid=1235290233.1665139395&tid=UA-92171149-1&_gid=691001102.1665139395&_r=1&_slc=1&z=536086872

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://scanurl.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://scanurl.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 359ms
22ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=scanurl.net&callback=_gfp_s_&client=ca-pub-8461867512759166

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8461867512759166&plah=scanurl.net&bust=31070102

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

23b5c1186602b1deb37c6b0f0f49b7f83b9ec923758e601555540560b158b86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 378ms
22ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=scanurl.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 363ms
22ms Script
application/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=scanurl.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 352F 258 KB
65 KB 704ms
434ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&adk=1812271804&adf=3025194257&lmt=1665139395&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fscanurl.net%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395304&bpp=8&bdt=773&idt=112&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8267815838484&frm=20&pv=2&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=31&ifi=1&uci=a!1&fsb=1&dtd=129

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

4b272c6b2d4da51ffa551d8043f4c55d0aa40e64d6a818332dbec7de56dc124d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 66757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:16 GMT
expires: Fri, 07 Oct 2022 10:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B894 63 KB
29 KB 770ms
513ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=250&slotname=9049922196&adk=300508382&adf=1934854494&pi=t.ma~as.9049922196&w=300&lmt=1665139395&format=300x250&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395312&bpp=2&bdt=780&idt=126&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=665&ady=387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yd0esxzRG5&p=https%3A//scanurl.net&dtd=133

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ab63cfcecd7190094757bc211b69d95a3e9c205b9284b47a2f89a0e53c66f7c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29574
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:16 GMT
expires: Fri, 07 Oct 2022 10:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE1B 77 KB
29 KB 691ms
441ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=60&slotname=8361068198&adk=3421289187&adf=4021755624&pi=t.ma~as.8361068198&w=468&lmt=1665139395&format=468x60&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395314&bpp=1&bdt=782&idt=135&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=761&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9PaCi9ZMuR&p=https%3A//scanurl.net&dtd=139

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

c7e2beb3e760403cfca09c5a419c3371983224c9f91e45077e4b96882069e4b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29583
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:16 GMT
expires: Fri, 07 Oct 2022 10:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame CE1B 8 KB
991 B 27ms
26ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=60&slotname=8361068198&adk=3421289187&adf=4021755624&pi=t.ma~as.8361068198&w=468&lmt=1665139395&format=468x60&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395314&bpp=1&bdt=782&idt=135&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=761&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9PaCi9ZMuR&p=https%3A//scanurl.net&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 10:09:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame CE1B 2 KB
983 B 395ms
43ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:38:48 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame CE1B 0
0 61ms
60ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_0M7wwJAY-WjLcmXxdwP0bGnqAXvvofpbPyd0_SrDqe8t-PjKBABIIKN7wVgldKjgrAHoAGf_LeYAcgBAakCofwFWXRsqD6oAwHIA8sEqgTTAU_QV3zwH4_O5wXio5QXUsJtnOMBTwflHO3rBgMtT_mAlv3OCmnokPnpROa-Gawc2-8y86rIoGHVHhWJQ2_0vRFF8n-7FG9-nu3OYaywCWSSUTERVFq4pHOV1sC1P1BHTnuLFVugTEbducMjVPZXeaKzPnRid4uByrsBscIkGh2jGO_ONIiIxcEIs2MfINd2DaqjRipuC9nHPJjwQQx5C5fPd27rD1Ixt0cY2DwTrVACYbD-PqIUz_u5mrFLKy2o2ow3yfmb2Pan9EIasUGU9HiVCyXABLHIlL_VA5IFBAgEGAGSBQQIBRgEgAfJg8jnAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEOHzB9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMKiBQC0BUBgBcBshccChoIABIUcHViLTg0NjE4Njc1MTI3NTkxNjYYAA&sigh=l1dXk3QQTXs&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=60&slotname=8361068198&adk=3421289187&adf=4021755624&pi=t.ma~as.8361068198&w=468&lmt=1665139395&format=468x60&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395314&bpp=1&bdt=782&idt=135&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=761&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9PaCi9ZMuR&p=https%3A//scanurl.net&dtd=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 10:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame CE1B 23 KB
10 KB 362ms
12ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:40:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame CE1B 3 KB
1 KB 394ms
45ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:11:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame CE1B 17 KB
7 KB 363ms
14ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:07:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE1B 142 KB
45 KB 384ms
33ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 ff28bd887d5918000d85a256eb9567a4.js Show response
www.gstatic.com/mysidia/ Frame CE1B 32 KB
14 KB 365ms
29ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff28bd887d5918000d85a256eb9567a4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 10:33:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 30 Sep 2022 21:54:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 03 Jan 2023 10:33:03 GMT

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/ 151 KB
54 KB 30ms
30ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210030101/reactive_library_fy2021.js?bust=31070102

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

dcde3d3ac6821996f4d31f314ab2a97a558cfd359de203015e03660fa08b3902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55031
x-xss-protection: 0
server: cafe
etag: 3454813419547958341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 26ms
22ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=scanurl.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 25ms
22ms Script
application/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=scanurl.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD68 430 B
502 B 507ms
505ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=280&adk=196531977&adf=1653495995&pi=t.aa~a.3974924148~i.3~rp.4&w=819&fwrn=4&fwrnh=100&lmt=1665139396&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=9519448499&ad_type=text_image&format=819x280&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rh=200&rw=818&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=2&bdt=1676&idt=-M&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60&nras=2&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=389&ady=1607&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=FRFRfViDXP&p=https%3A//scanurl.net&dtd=12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

987107953e9eec851d560f8fd299646f27e25bcc234e76dacb6206121dac9db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:16 GMT
expires: Fri, 07 Oct 2022 10:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F885 31 KB
13 KB 363ms
363ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f5f64b070f20b7a39cad82a8faec57e66049cafbc1fdf15e3db28f84b4292ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:16 GMT
expires: Fri, 07 Oct 2022 10:43:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B894 35 KB
14 KB 316ms
31ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/m_js_controller_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=250&slotname=9049922196&adk=300508382&adf=1934854494&pi=t.ma~as.9049922196&w=300&lmt=1665139395&format=300x250&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395312&bpp=2&bdt=780&idt=126&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=665&ady=387&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cp&abl=XS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yd0esxzRG5&p=https%3A//scanurl.net&dtd=133

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

1de33fafa47a9ed9f2c59b42da324f4135a43a142ad10bdd365c8279ab968de6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 09:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5426
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14211
x-xss-protection: 0
server: cafe
etag: 6957495301636067003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 09:12:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B894 3 KB
1 KB 325ms
41ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:11:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame B894 17 KB
7 KB 299ms
15ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:07:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B894 142 KB
44 KB 347ms
61ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame B894 23 KB
9 KB 310ms
26ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:40:52 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B894 0
0 71ms
56ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst86cpr1TISrAJtfuscxgprZ7id3wV2TwqUSM_Vx8-A2DBkPuwiztcdfXdr21AR5yMtoMraTZJoCw5oiIjXEMHEdWDDNrJSdDifklKPHA9NUfx_V_FC2HPVLgW06CA1fAb0O9sC61xK37KQ4Yq5a8z7M1LJOY9nyzIPF0nvK_vJ-o-qsEixPI9mPI3_NQ_GZpt7fNQTSMHISU0JmpKHQSTkrSfn4e0l4Mz5yJKSy9Oxj4d1evj2QGPzrZOlDf_zIXqPtv5znPccENYtdEvJIrt1_kiAoVCkxEMIVaNtL-QJOypwJ9hK81LIAl8LWo8JMm2t9dAc9plLJTPuG7ptccydfxAX2Xsjj0djZx7BmYLfSbvTvLBpkUcSN0z9CQxK8lZLXuMpZo3oMfmNA8lujjVotnE1Fe4x1FzOYmrzBNBHopZe3NAzFjTjMn0NehbAkbaLm4Vcv8LYZrpXcuD-H5KwYLPKtyivNNgze9b9G_2h7w0SeG96pAEcEe3w-ow16cpCRVp_NHzmNsIfShHej1adXRb2V6aC9IiP_XAouxS8du88UCPhXcptD2DL7qMXjryqLUEJXd7Jc2KRbAiaLPAZiBBwGM-sunVjMDt4mMNbXvaCgx8BOP1eg_nx97cbFf9W3070gDde_1pFrwUgXH9X8mso30l0EG6pajgNpAeU8crIgqqYyDbdirVgV4QgNuA4KRbC7gN4SNnnWivtaWYV5AHFXAqw7uNzNJJNxIRL5o_wvdKkw0eo7xpD3Q-LDGNfHELQ7szKy6tU8eqCA9eNw67PgaaF_3CuIK2ROb6vv8roKCziRC8YvgISF5I8AGOwB9lhXQivQb66BXPf7OAbQ-mGAk4fzS_w-HmqccnD0hGGR4Snw1FTOjgOBaBiq8lb3HoMZkmXfFGC2eV8XcycFitIQ2HvZulcGs0Mq07FWpJczYSgws38Tsu-iS7dJjQqTPlbOeWF&sai=AMfl-YSLss2U9DTPXqoDJdmvXZvJZGyAgw7y5gGpIyq2mwX7K44EWW8rN6k1VGKt3IyZ5si-dtYuZZmpDX3Jb7WoTltbSQn6-d24dI0ODAelIyL12LL5&sig=Cg0ArKJSzBQKpGmqqSMfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 10:43:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B894 106 KB
38 KB 375ms
13ms Script
text/javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:24:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 08 Oct 2022 10:24:42 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B894 41 KB
15 KB 317ms
42ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 10:22:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87647
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Oct 2023 10:22:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 23ms
22ms Script
application/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=scanurl.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 23ms
23ms Script
application/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=scanurl.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/ Frame 2022 10 KB
4 KB 15ms
15ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 02:13:32 GMT
etag: 9671129459699598864
expires: Fri, 21 Oct 2022 02:13:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/ Frame FAA1 10 KB
4 KB 14ms
14ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 30584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 02:13:32 GMT
etag: 9671129459699598864
expires: Fri, 21 Oct 2022 02:13:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2022 4 KB
709 B 25ms
25ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 09:52:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2022 205 B
293 B 246ms
36ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:42:52 GMT
x-content-type-options: nosniff
age: 24
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Oct 2023 10:42:52 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2022 604 B
918 B 245ms
36ms Image
image/png 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:28:38 GMT
x-content-type-options: nosniff
age: 878
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Oct 2023 10:28:38 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/ Frame 2022 19 KB
8 KB 250ms
30ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:34:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:34:03 GMT

GET
H2 200 cc2fa6f05f6b7ab36f626f2501931c3a.js Show response
www.gstatic.com/mysidia/ Frame FAA1 10 KB
5 KB 221ms
16ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4312
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:21:45 GMT

GET
H2 200 9a8178d18d321307744a4c8ce46adea2.js Show response
www.gstatic.com/mysidia/ Frame FAA1 10 KB
4 KB 230ms
24ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9a8178d18d321307744a4c8ce46adea2.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4293
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 07:10:09 GMT

GET
H2 200 bca10ddd16af34d21051a380f937ccd2.js Show response
www.gstatic.com/mysidia/ Frame FAA1 18 KB
8 KB 222ms
17ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7723
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 07:39:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FAA1 8 KB
968 B 25ms
23ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 09:59:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame FAA1 2 KB
936 B 260ms
45ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:38:48 GMT

GET
H2 200 1c8b28b3f1e45bd861fb75f2fad01d8e.js Show response
www.gstatic.com/mysidia/ Frame FAA1 6 KB
2 KB 238ms
35ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c8b28b3f1e45bd861fb75f2fad01d8e.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2262
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 20:53:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:29:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame FAA1 23 KB
9 KB 254ms
40ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:40:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame FAA1 3 KB
1 KB 256ms
41ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:11:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame FAA1 17 KB
7 KB 241ms
27ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:07:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FAA1 142 KB
44 KB 299ms
83ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame FAA1 33 KB
14 KB 242ms
40ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:21:45 GMT

GET
H2 200 cc2fa6f05f6b7ab36f626f2501931c3a.js Show response
www.gstatic.com/mysidia/ Frame C2E6 10 KB
4 KB 189ms
17ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4312
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:21:45 GMT

GET
H2 200 bca10ddd16af34d21051a380f937ccd2.js Show response
www.gstatic.com/mysidia/ Frame C2E6 18 KB
8 KB 203ms
32ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 07:39:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7723
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 07:39:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C2E6 6 KB
745 B 30ms
28ms Stylesheet
text/css 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 10:07:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C2E6 2 KB
936 B 226ms
44ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:38:48 GMT

GET
H2 200 1c8b28b3f1e45bd861fb75f2fad01d8e.js Show response
www.gstatic.com/mysidia/ Frame C2E6 6 KB
2 KB 194ms
24ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1c8b28b3f1e45bd861fb75f2fad01d8e.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2262
x-xss-protection: 0
last-modified: Thu, 29 Sep 2022 20:53:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:29:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/ Frame C2E6 23 KB
9 KB 220ms
38ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9540
x-xss-protection: 0
server: cafe
etag: 6580860447119072478
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:40:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C2E6 3 KB
1 KB 225ms
44ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:11:05 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame C2E6 17 KB
7 KB 210ms
29ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:07:48 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2E6 142 KB
44 KB 276ms
93ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 10:43:16 GMT

GET
H2 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame C2E6 33 KB
14 KB 206ms
37ms Script
text/javascript 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 06:02:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 06:21:45 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A66E 143 B
224 B 18ms
15ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=60&slotname=8361068198&adk=3421289187&adf=4021755624&pi=t.ma~as.8361068198&w=468&lmt=1665139395&format=468x60&url=https%3A%2F%2Fscanurl.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139395314&bpp=1&bdt=782&idt=135&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=761&ady=918&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7Cn&abl=XS&pfx=0&fu=1024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=9PaCi9ZMuR&p=https%3A//scanurl.net&dtd=139
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CE1B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9528f6e9b65fbf5f3b6c9d546c1f4aed4e43f327fb1646bfc83ebd80be7a6243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 742A 0
0 59ms
58ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2zPHxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEvQFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkNlYzFPuVKaoqAWZlgGNRqhWHvLHkFQbA_mkVjGf1z6kiHrTHXeyABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODQ2MTg2NzUxMjc1OTE2NhgA&sigh=_jakPOM9ZFc&uach_m=[UACH]&cid=CAQSOwCsnQUxtOAYIN7qQeGFyGfXQfHXbZ1UfZTvQtzB7LSqfuLIv9oUrhfT9zlwDH0aXjGK0mgI_JA_ElcVGAEgEw

Requested by

Host: scanurl.net
URL: https://scanurl.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 10:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 742A 0
0 365ms
22ms Fetch
image/gif 34.95.89.54
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1kvc24rfc8dg4bv85e5rv8ra32sksp244wz9d3yy6vqnxfs0nwp8bkbsfzmba7e6h8b98zxg2k1tdqy2hsty89mpv2gnc1yja1h5g101h3wvwbchwqh7dk607msem64staq4avac03s5305rgav43x8qnb8bqs1e709j64bk1bvpc4y8hrcx3vbrzh9yqxn6fwwp3cmke5wgk7cjr3yfspx1sa8w87wg97f4qkh7byygh47pnv4knyz9eyr91neqxpkysnq9tfjwr2e6c5a75725sw2axycqr5f7243z5pq9h51maxq4vyvfb1wvfnfvp22vp29f09pmatwee0ng93w9tm21f7q0ag99erzv4c3sr292d9qddpy531ydhxm84edbnvzxpcyphh83fz1evme68c&b=Y0ACxAAEDBoFkURZAA67UezcD4lv8bRyIdXcvQ
Requested by: Host: scanurl.net
URL: https://scanurl.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 Oct 2022 10:43:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E8B0 2 KB
2 KB 396ms
53ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ga2833rf8avqtbr3d0kk88249v14mbr2q5jv3810phg83csbmeackwrja2ss4jyxc5tbd0vxkj880xn61x7v6jr1n0z32jnswt3e8c6p104st4p3pn8v40rsvacr645q710rs95cxc8p0hfngehfef8sgzda27nr8adnzr4ff8bs9j14fcywz7w95ms9g46m36b4qjpj21r3ek40rc84e8jxkaktz6qyzk9gmgbb313qjvj552hzfq8thz07cw39640em25xt09ass3t110z13hx02d5te4qvtwdvds2bxmk7anww1pc0zft4yz7dv7tw380sctnwn9q2dxr5r3c192y4vv4bn6mcqd6pc6waj7a3hq1az1frg28xp54y2ywft4njv6kss9jqs8jx8wmfrzncw7gv1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%26client%3Dca-pub-8461867512759166%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ded584cb1732a8fe245f1425f7ec13460fe502f5704d46ad1d8598049b76d7ae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 756608ef7fd4bbad-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:17 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 742A 3 KB
1 KB 13ms
12ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:11:05 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5EA2 1 KB
758 B 30ms
13ms Document
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 17:25:10 GMT
etag: 48472445140208031
expires: Fri, 07 Oct 2022 17:25:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 742A 17 KB
7 KB 14ms
12ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

cafe /

Resource Hash

65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:07:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7528
x-xss-protection: 0
server: cafe
etag: 13775775994264215463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 Oct 2022 10:07:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 742A 0
0 367ms
24ms Image
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTRAoagzNV_H1sRocqqRlY5XzY237oKWrqLGHTuvisqfo-8Gl-2Kf3GJWIXKfApc3iYWeSmjl_EavMcubINMRSMisve5Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 742A 142 KB
44 KB 35ms
34ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

sffe /

Resource Hash

ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45072
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664970042070988"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 10:43:16 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAA1 0
121 B 49ms
48ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame FAA1 0
0 59ms
59ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxR9_wwJAY8XFLISD9fgPlrSo6A-c4YbTbLOxmrWgDquU9P0IEAEggo3vBWCV0qOCsAegAY3s5NkCyAEBqQLRNbWCRm6oPqgDAcgDywSqBMsBT9DoilGYNd4fX16F7IGsSn739L409zB_hF2jk0o5G1YIRzpn7hTQ3oKVYmLwXs-6Qmn2phsjcibVL1DEwMB_UQOYM1lwl9xukN0WvRVHBQZ2dvz_XW1nXttU9oj1ZPBDUHqTe4j_KTt0xsZLjtXu1nOlj56gIkhwxraI1oxC22PyLxIOL99tvyTEtA5NewYS_kkKCua9zoGIIiweaHxOZFkpjCNKRMFhu3VGQjfc237R-cZPATEqQh8u9saFVNqCrkO48UVF3RZtN_PABKDAnczmA5IFBAgEGAGSBQQIBRgEgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL3wA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQK0BUBgBcBshccChoIABIUcHViLTg0NjE4Njc1MTI3NTkxNjYYAA&sigh=--LOwWlQb24&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 07 Oct 2022 10:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7433 143 B
200 B 14ms
13ms Document
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:15:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AEBA 22 KB
8 KB 13ms
12ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12908
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 07:08:08 GMT
expires: Sat, 07 Oct 2023 07:08:08 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B894 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c30fd5981e891534b1af1ad758f5e6964a8aaac24f940763310b5bd235cdebb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FAA1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fcff2aef4ff8749540ffa43ccd0c7814fec118268e19c2a36407701e371ae91c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A66E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
168 B

338ms
36ms

Document
text/html

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:17 GMT
expires: Fri, 07 Oct 2022 10:43:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/ Frame FC61 4 KB
2 KB 348ms
14ms Document
text/html 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

sffe /

Resource Hash

f3c935cd389da1c520983bc6bd066db9040e370bf8e996b07a9b248e042e8530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 347988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1580
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Oct 2022 10:03:29 GMT
expires: Tue, 03 Oct 2023 10:03:29 GMT
last-modified: Tue, 17 May 2022 23:27:34 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame CE1B 28 KB
28 KB 14ms
14ms Font
font/woff2 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f3.1e100.net

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:13:37 GMT
x-content-type-options: nosniff
age: 304179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:13:37 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2E6 0
56 B 48ms
48ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoKCAEqBnRvd2VyQQoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDMsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNECshAAAAAAAAFEAwBAoNEAMhAABAMzO7cUAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAACBAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAACABdRAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAAAAA4H5AMAQKDRAUIQAAAACA8dRAMAQKDRAVIQAAAAAAACRAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAwMzMhIBAMAQSGkNJU3p2TkgzemZvQ0ZZUkJIUWtkRmhvS19RIhxzY3JlYW0vdGhyb25lX2ltYWdlX2xvZ29fb2NoKBE=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5EA2 35 B
464 B 335ms
9ms Image
image/gif 91.228.74.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJJysnHQQl5mXc07gVndHMM&google_cver=1&google_push=AZmPxg_RdCo97WbIjFSNgh7HaPxUW7eIIHCFC663VFrmpU8tkbBAQTvGmigKwoa_59KSNhecTDHqSMx5NrAKjDcf3YLSnBTYzEE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.251 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5EA2 43 B
352 B 65ms
21ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEC7G_XatiC4galZSVtBf1eA&google_cver=1&google_push=AZmPxg8CSq8cbSZ8CE9V1_luzolnyabSDs1Wua2nkjfYuqsvcMwebCsdpnHRefXlXmpBIwCn1QDgx7Ein7I7AhBJbNJCLey0Js9X
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:16 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 1kf987dt6dvt3b0d04bkjgkjk0dblpgg

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5EA2 0
166 B 107ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPpaZmpUUDeczMIuRNZU7J4&google_cver=1&google_push=AZmPxg_nPUguCNVZNBItsQozK6mpYF32OT_njwjU_96Ok3zvsLDWXPELS8pPRebEShhF6D0IHyxovpnx4EYM_qxc9uVFK27cdIRq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 07 Oct 2022 10:43:16 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5EA2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFgYrCB4Kfuai9P1F762q-g&google_cver=1&google_push=AZmPxg9RYI7mnvr2CRzeVKRzNw-sCV4LHq-uXjGqyYLRCWQ2Tny_EJTGN3VhPS9zl-2FZxRUUoI...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZRDA1S0ktMUQtOVQ0Wg==&google_push=AZmPxg9RYI7mnvr2CRzeVKRzNw-sCV4LHq-uXjGqyYLRCWQ2Tny_EJTGN3VhPS9zl-2FZxRUUoI-O7ivq4nKTvDEpXumOc1rdOSQ

170 B
329 B

34ms
34ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZRDA1S0ktMUQtOVQ0Wg==&google_push=AZmPxg9RYI7mnvr2CRzeVKRzNw-sCV4LHq-uXjGqyYLRCWQ2Tny_EJTGN3VhPS9zl-2FZxRUUoI-O7ivq4nKTvDEpXumOc1rdOSQ

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhZRDA1S0ktMUQtOVQ0Wg==&google_push=AZmPxg9RYI7mnvr2CRzeVKRzNw-sCV4LHq-uXjGqyYLRCWQ2Tny_EJTGN3VhPS9zl-2FZxRUUoI-O7ivq4nKTvDEpXumOc1rdOSQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5EA2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_hm=Y0ACxQfRvRGLZTHe0y0u8QAABKUAAAAB&google_nid=index&google_push=AZmPxg_MJMgfKttZN9do5gU7kgC1RVDo2dL3H...

170 B
188 B

24ms
23ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_hm=Y0ACxQfRvRGLZTHe0y0u8QAABKUAAAAB&google_nid=index&google_push=AZmPxg_MJMgfKttZN9do5gU7kgC1RVDo2dL3HcNquiAVi_W_0G_fqwG61gFw9kdkeYSeSN1SzaZ8scyEQ-p-tiVi7ZGDSi2SWMsn

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 10:43:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB_65T_UkUs0ohpoErjqxfE&google_hm=Y0ACxQfRvRGLZTHe0y0u8QAABKUAAAAB&google_nid=index&google_push=AZmPxg_MJMgfKttZN9do5gU7kgC1RVDo2dL3HcNquiAVi_W_0G_fqwG61gFw9kdkeYSeSN1SzaZ8scyEQ-p-tiVi7ZGDSi2SWMsn
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 5EA2 43 B
297 B 466ms
21ms Image
image/gif 3.11.254.218
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESECF0OD9byt2H6zuVaJYNlGg&google_cver=1&google_push=AZmPxg_VnijmhYOxEl4aXl7iOe0LpJMVG-LhrIv1onk5FbgTmL_XzSKujiIbwSFnBT2hXbSuSsrbTg_1_YaFyVRhiCh0QMj92lIM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8461867512759166&output=html&h=90&adk=2743202993&adf=1839787983&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1665139396&rafmt=1&to=qs&pwprc=9519448499&format=1200x90&url=https%3A%2F%2Fscanurl.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665139396208&bpp=1&bdt=1676&idt=1&shv=r20221003&mjsv=m202210030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6cc74fc0a7ee7254-2226746b3cce0061%3AT%3D1665139395%3ART%3D1665139395%3AS%3DALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw&prev_fmts=0x0%2C300x250%2C468x60%2C819x280&nras=3&correlator=8267815838484&frm=20&pv=1&ga_vid=1235290233.1665139395&ga_sid=1665139395&ga_hid=733147286&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=208&ady=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531706%2C31070102%2C31068921&oid=2&pvsid=4138105946784769&tmod=1682621173&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=1152&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=eoBkGW745L&p=https%3A//scanurl.net&dtd=18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.254.218 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-11-254-218.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 07 Oct 2022 10:43:17 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 5EA2 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5EA2 0
78 B 52ms
32ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPm5Edyc-E2SXRrhYzNnO1EQ2lkWT_XpO0TioyHb0thNSMSAiDIXl3SkITRWbSZYZDn4ppeA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:16 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame E2D6 36 KB
16 KB 13ms
13ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:52:31 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7433
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
145 B

342ms
40ms

Document
text/html

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:17 GMT
expires: Fri, 07 Oct 2022 10:43:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 742A 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02b0828e85ebe8a2f9546ad400455eb44b75f080afec13500f72a9ec2b4fb3fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AEB 36 KB
16 KB 13ms
13ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:52:31 GMT

GET
H2 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame AEBA 36 KB
16 KB 13ms
13ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:52:31 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FAA1 0
56 B 48ms
48ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmJhbm5lci12YW5pbGxhCgoIAioGc2VydmVyCjEIBCotbXlzaWRpYV9hbmFseXRpY3NfZXhwMyxteXNpZGlhX3JlbGVhc2VfY2FuYXJ5Cg0QCiEAAADAzMz8PzAECg0QDSEAAAAAAAAAADAECg4QHioIMTAwNXgxMjQwBAoOEBkqCDEwMDV4MTI0MAQKDRAOIQAAAACcmbk_MAQKDRAEIQAAAAAAIHtAMAQKDRAPIQAAAAAAAAAAMAQKDRArIQAAAAAAYGVAMAQKDRAFIQAAwMzMJHtAMAQKDRAQIQAAAAAAcLJAMAQKDRARIQAAAACABdRAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAAAAAKH9AMAQKDRAUIQAAAACA49VAMAQKDRAVIQAAAAAAACpAMAQKDRAWIQAAAAAAABhAMAQKDRAYIQAAwMzMCINAMAQKDRAyIQAAAACamck_MAQKDRAzIQAAAACamck_MAQKDRA0IQAAAACamck_MAQKDRA1IQAAAACamck_MAQKDRA2IQAAAACamck_MAQKDRA3IQAAAACamck_MAQKDRA4IQAAAAAAAPg_MAQKDRA5IQAAAJiZmS5AMAQKDRA6IQAAAAAAADBAMAQKDRA7IQAAAAAAIH9AMAQKDRA8IQAAAAAAIH9AMAQKDRA9IQAAAAAAKH9AMAQKDRA-IQAAoJmZvYJAMAQKDRA_IQAAoJmZvYJAMAQKDRBAIQAAwMzMJINAMAQSGkNJV3p2TkgzemZvQ0ZZUkJIUWtkRmhvS19RIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KBU=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame E8B0 85 KB
10 KB 335ms
34ms Stylesheet
text/css 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ga2833rf8avqtbr3d0kk88249v14mbr2q5jv3810phg83csbmeackwrja2ss4jyxc5tbd0vxkj880xn61x7v6jr1n0z32jnswt3e8c6p104st4p3pn8v40rsvacr645q710rs95cxc8p0hfngehfef8sgzda27nr8adnzr4ff8bs9j14fcywz7w95ms9g46m36b4qjpj21r3ek40rc84e8jxkaktz6qyzk9gmgbb313qjvj552hzfq8thz07cw39640em25xt09ass3t110z13hx02d5te4qvtwdvds2bxmk7anww1pc0zft4yz7dv7tw380sctnwn9q2dxr5r3c192y4vv4bn6mcqd6pc6waj7a3hq1az1frg28xp54y2ywft4njv6kss9jqs8jx8wmfrzncw7gv1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%26client%3Dca-pub-8461867512759166%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ga2833rf8avqtbr3d0kk88249v14mbr2q5jv3810phg83csbmeackwrja2ss4jyxc5tbd0vxkj880xn61x7v6jr1n0z32jnswt3e8c6p104st4p3pn8v40rsvacr645q710rs95cxc8p0hfngehfef8sgzda27nr8adnzr4ff8bs9j14fcywz7w95ms9g46m36b4qjpj21r3ek40rc84e8jxkaktz6qyzk9gmgbb313qjvj552hzfq8thz07cw39640em25xt09ass3t110z13hx02d5te4qvtwdvds2bxmk7anww1pc0zft4yz7dv7tw380sctnwn9q2dxr5r3c192y4vv4bn6mcqd6pc6waj7a3hq1az1frg28xp54y2ywft4njv6kss9jqs8jx8wmfrzncw7gv1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%26client%3Dca-pub-8461867512759166%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:17 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 937560
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 756608f1cefbbbad-FRA
expires: 0

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame E8B0 36 KB
13 KB 56ms
46ms Script
application/javascript 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ga2833rf8avqtbr3d0kk88249v14mbr2q5jv3810phg83csbmeackwrja2ss4jyxc5tbd0vxkj880xn61x7v6jr1n0z32jnswt3e8c6p104st4p3pn8v40rsvacr645q710rs95cxc8p0hfngehfef8sgzda27nr8adnzr4ff8bs9j14fcywz7w95ms9g46m36b4qjpj21r3ek40rc84e8jxkaktz6qyzk9gmgbb313qjvj552hzfq8thz07cw39640em25xt09ass3t110z13hx02d5te4qvtwdvds2bxmk7anww1pc0zft4yz7dv7tw380sctnwn9q2dxr5r3c192y4vv4bn6mcqd6pc6waj7a3hq1az1frg28xp54y2ywft4njv6kss9jqs8jx8wmfrzncw7gv1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%26client%3Dca-pub-8461867512759166%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 206861
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2O3KeWppP22KFlL%2BFl7IY4zAE4FuaErzdrsQY6qihq7Tt%2BxzWAPIeRaAKaU9rdo9j0WACBmMB%2BWLqpM4V1KoFyQiAUEla%2BSo7XgzCi4Kvi4FJQviHzrj%2FLM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 756608eff93fbbad-FRA
expires: Wed, 28 Sep 2022 13:12:18 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AEBA 0
56 B 351ms
50ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BEi_lwwJAY7_PLtiUygWF4ZXACAAAAAA4AeAEAg&bg=!pKelp-PNAAYQgTJdMIE7ACkAdvg8WtwKxkAA_DwuQHCeKtpbLn8Kpu4b87LBaqQHO1R-xsN67XHUCQIAAABnUgAAAAFoAQeZAvozOe1cxX7SALXO1uMHPAhVanMRwoXRfh5d6JK-40Suy98KrLbod9LsVh5bFHluaz4MiVFJHtZPCY3UHwFWkgpwwxT30FMxQoFewE81Bqko9KlcyWPsH4U2duSVqm4mWvt9_0ycjZXTMPuC3IsQ3e_GUdixm4KiFPdDlMIi3xS_bZ1PKqOr0HqZf4qtCtyF7Jqnqschm2_gQ9V6Kn_DDXJilaUf6-bG77OPgxiCQwRJOSb-l-d7vW4371DvZfbNPFe-AV3PLSiLXUOqVQNC8OtRDWL2oEZ3SWVTTN8HZWw13FeMd0KDPgF74l9OGMNyUeKfiK_K_kQSD4trIXwcTUnBJJDXXyIKnrIl5LniKl1wF7WsVk1wAhao6T8nHkXicdK9AvTEu-E3Ws7IHKm9edUeHpH2Y_EW_xbXqCihL9Ke9Tmu7TvOGwX2JGlbOiftw-K88l4AD2FEu3WXMwcHNbu2H8qytx0KGDU2lkHYAqAFR-99nTbPXhAcCzYLCph7IwAi1CrVJe68sNPEEus9-3Wmox2At3yqSt2VJbRx9ptS5Q90UDk5_my0l7SGHX3oweuXnjtcxpER1wa9uE5ALX1EWpuGKysOWh0VzhzFtRqXpQQXtKL3iwGhBYUzIyYNd5XNrkG6J54qxsVyKcgTiMHtlTWaXq7agnhUco_PonCDePbujSfyrJwepgkb2g3jhL2srRFqSIWrzUpuiimyWSRaCZ7599eQoVba4VDnWqoPF1p-9_YSTVegnPBCuXiorlAYMiudpzpPgx2hJOq8dz4-NGx9jOmMSPD3uXGCzolnaK9HlDHL3UVVj1yYhxwVFFlJhZ9qPpp_NuqYSmZ-sYE_ricIV1jPZ7JxHgJUOXRKSUq2TMyXuVFf49K64dhVOnGo_3z_b4HAuUuW4XKo02xPUf-5DqDgqQf1vRR0uUWNrjBovlvSx7iggmW2oM7smnbvLgqdamOJ208vK7roAOdvp_pNj-y15JEpZTWGjKx3tnUNx0gqNBvOGN0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/styles/ Frame FC61 3 KB
1 KB 314ms
13ms Stylesheet
text/css 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

sffe /

Resource Hash

4d7fef468209aab016b6eeda74904223465bad41cd4fdbc652b4deda86d0667f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 06 Oct 2022 00:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1116
x-xss-protection: 0
last-modified: Tue, 17 May 2022 23:27:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Oct 2023 00:12:10 GMT

GET
H2 200 base64.js Show response
s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/scripts/ Frame FC61 5 KB
2 KB 316ms
15ms Script
application/x-javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/scripts/base64.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

sffe /

Resource Hash

d47b15f9ceed997958d2926eb66869594d088cbd2e0a9cb1903d8517ed32b86e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 23:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 299490
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1827
x-xss-protection: 0
last-modified: Tue, 17 May 2022 23:27:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Oct 2023 23:31:47 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/scripts/ Frame FC61 2 KB
758 B 315ms
14ms Script
application/x-javascript 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/scripts/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

sffe /

Resource Hash

3f8902b2ef1529cf29e51f884b2e620fe744652af24117c51bbd8e328af4059d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 12:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 644
x-xss-protection: 0
last-modified: Tue, 17 May 2022 23:27:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Oct 2023 12:08:10 GMT

GET
H2 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame 152E 36 KB
16 KB 314ms
13ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:52:31 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E8B0 3 KB
4 KB 488ms
57ms Image
image/png 104.26.7.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22043679
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XF5Gk%2Bsqtd73pp2mRFaosGUyt10bJDDYG6kJ0VCnKbNw70MGTBTKzgYNMOj8oQ5KqnjiJQLLJOHGzArTa%2FvnmBZabBREBLsbkelBqyBsIS4gISTpUm2Q9e2CNX8HqXI0mKgrn2L%2B"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 756608f4fcd89079-FRA
expires: Wed, 25 Jan 2023 07:28:38 GMT

GET
H2 200 frame.html Show response
ad4m.at/ Frame BBDB 2 KB
1 KB 341ms
40ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1003085
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 756608f42d78bbad-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Fri, 07 Oct 2022 10:43:17 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQ5oSnbLi3PqDBaj02ERWp2HVXs7ep2PJ8eu7UG5OSZbY%2BRnV%2Bj3Gvl5JZtyKFqOb7CMMP%2BEo0xRbMrqgsCYwNwdU7JYsxnGvpogOkNVv%2Bobgry%2Fx%2F5veQQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 bg.jpg
s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/images/ Frame FC61 53 KB
53 KB 314ms
14ms Image
image/jpeg 172.217.18.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/images/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/styles/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f6.1e100.net

Software

sffe /

Resource Hash

b985df1b23c337c5736a60b61762aee46767a86f38d25358e954b6c6a608d0db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4432276832174944504/MAR432-emailSearch-PL-newSite-300x250-v1/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:42:49 GMT
x-content-type-options: nosniff
age: 140428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54293
x-xss-protection: 0
last-modified: Tue, 17 May 2022 23:27:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Oct 2023 19:42:49 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FAA1 42 B
174 B 354ms
53ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5PUhH07HMytfu4b3qYLyshgIwir93BO5_T5-pVWnqGaaqLF0pPGs_inNidLYXstPVQdS6yE0V0pH4XUgCaestql7iPybIi8hyhUMGFXzrlKgCkChOu920dXXCyizkTO3nYnW-IQ&sai=AMfl-YQshBcMJurR84pbmZE-m704ZyfC2KLa8AspkP0VXBfCc94qLU8AcoLj1nbNZl84-mo1qj7NAoHacD0VvQA&sig=Cg0ArKJSzB_DMwG_fqrIEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=303,965,1000,1000,1000&tos=303,662,35,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665139396282&rpt=609&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rs Show response
ad4m.at/ Frame E8B0 1 KB
1 KB 339ms
38ms XHR
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47a6b8dd5b97516c7442d8e3cb4f88a845288a06195fc2d8bfcb60d29087f3ec

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Oct 2022 10:43:18 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlzE8mGwCQZFFGjA6KmY4g1Ubk%2BFOUDz7aen0T%2FSkxK%2B1DGFHVUa6DBlWWYMZnaqEtW8ZpzQP1Y5FkqmnV9kLpO%2BVp7ZJIeWmfureLENJUV1AxdtYgpHznk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 756608fafc1b9b37-FRA
x-backend-server: aa-reachservice-group-europe-west1-2p34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 rs
ad4m.at/ Frame 0
0 650ms
30ms Preflight
text/plain 104.26.10.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.10.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 756608f8e9329b37-FRA
content-length: 24
content-type: text/plain
date: Fri, 07 Oct 2022 10:43:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3Iufnx%2BTPMvJVPubsiDefENv53uD9zGL8vfwk4iF0QU7NBLTpIjpBQZgG9WCZ2a3WEmoMV8UL5ZrVLaBnj%2FaE6MHvPArnQU%2Bc2a%2BU1sf6wLelvP%2FLkkw58%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 330ms
29ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3c467c5fed64c717fe989cd27cff058b631f3c65d041298dfa4b4aa6e07085ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11375
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 329ms
28ms Script
text/javascript 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 07 Oct 2022 10:43:18 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CE1B 42 B
108 B 358ms
57ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwFRa8PgmqWbDcLTO-qLpVXGRB7UQSldcbadLM5eKMF8C_tl9uKDrsPxlun1lrz1hrOi7m7LaNcbMxUUDqOtZDng1BwvdzKACqFvANZxe4C61dLK0RQ7RXDwx3nfhOcfsfcGmnvg&sai=AMfl-YQznzeukqvlt_CSrm76hYfMsXax86yOsSSk4VXY6QRTdvuBQfKo1UiybOxULMR1ftjn5ambdX2gWhq8IJ4&sig=Cg0ArKJSzPgQLdw9DZGWEAE&id=lidar2&mcvt=1000&p=0,0,60,468&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3421289187&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665139395454&rpt=1988&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E319 13 KB
5 KB 313ms
13ms Document
text/html 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 09:53:19 GMT
expires: Sat, 07 Oct 2023 09:53:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4150 783 B
970 B 331ms
30ms Document
text/html 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

GSE /

Resource Hash

3ebd8314d52c7d3d64595d6d42e5039e6877a838fa0746eeda69d5382ee83496

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AqowyUNwXZkGt9RBgbis1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://scanurl.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-AqowyUNwXZkGt9RBgbis1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:18 GMT
expires: Fri, 07 Oct 2022 10:43:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B894 42 B
108 B 352ms
51ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFcca94CPU_2votRU4EnmsyoqrShF52DWjHtjS7IkWV3UaYIjvcQmK2sQr8-0Dd7rYxHynOMU7zqrv1tvQ4S8GZMgrYYgVYVcYlnk3Cpu2i3t_SCn40HLCJ2cHg910b76APhLVNXOET4wYmwR-5D8fuW-Ze7I6s7P_sxPdFZZSob6hPhvueTYMJv4ixJH2Bg&sai=AMfl-YQ-lNNh8pFDIjdppSJ4nirI-qw9Pdf3Dc6HIV5PEKjnaQKzCKpfjRYKqV09L5DpfuU1UlOSjP6Zx6PBm1k&sig=Cg0ArKJSzIsCUiSXmsj7EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=300508382&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665139395447&rpt=2408&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 10:43:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame D020 10 KB
4 KB 352ms
51ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bc836ce81d97e692333649632a2b0544fc250e98234713f0ba57b14c544abf0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ga2833rf8avqtbr3d0kk88249v14mbr2q5jv3810phg83csbmeackwrja2ss4jyxc5tbd0vxkj880xn61x7v6jr1n0z32jnswt3e8c6p104st4p3pn8v40rsvacr645q710rs95cxc8p0hfngehfef8sgzda27nr8adnzr4ff8bs9j14fcywz7w95ms9g46m36b4qjpj21r3ek40rc84e8jxkaktz6qyzk9gmgbb313qjvj552hzfq8thz07cw39640em25xt09ass3t110z13hx02d5te4qvtwdvds2bxmk7anww1pc0zft4yz7dv7tw380sctnwn9q2dxr5r3c192y4vv4bn6mcqd6pc6waj7a3hq1az1frg28xp54y2ywft4njv6kss9jqs8jx8wmfrzncw7gv1e&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%26client%3Dca-pub-8461867512759166%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 756608fd1e8abbad-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 10:43:19 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 200 gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js Show response
pagead2.googlesyndication.com/bg/ Frame E319 36 KB
16 KB 313ms
13ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 07:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Oct 2023 07:52:31 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4150 0
0 358ms
57ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=4138105946784769&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame D020 85 KB
11 KB 370ms
69ms Stylesheet
text/css 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 937562
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 756608ff5d23bbad-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame D020 8 KB
9 KB 62ms
53ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30809
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIOSwAOInN1ycv0rXuoKyYmY4fgeEpRLmbUL%2Fij9UT4b3KzddXKkIQ%2FbYdLjwUoQD%2F%2F95XAJUB6LdMOqABFuFH1wK%2B9II%2ByXJwI9Wkx2eTqoEgyMvd7vaVaOJH1NpSyW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756608fd8fcabbad-FRA
expires: Sat, 08 Oct 2022 10:43:19 GMT

GET
H2 200 18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame D020 317 KB
318 KB 47ms
40ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 197165
cf-polished: origFmt=png, origSize=451997
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 324760
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 08:21:28 GMT
server: cloudflare
etag: "7dada3f3f6321a7ee4badc53b11da1f3"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSep5njp8lQOpbxMi38gM5YVLNARBQYIjMeIEXvfvwi%2BVQfPDlYuWQ7khRaQxKng8rOcADQJ%2FMc7xIqpWnJ7ButR3NBGgzkFc1QfVZtR%2Fv5e1RCQ%2FRtvV0E%2B6eB7qUJa"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756608fd8fd2bbad-FRA
expires: Sat, 08 Oct 2022 10:43:19 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame D020
Redirect Chain

https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1665139399_db86e6f0-462c-11ed-a733-2235c9b4021a

0
518 B

47ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1665139399_db86e6f0-462c-11ed-a733-2235c9b4021a
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Oct 2022 10:43:18 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Fri, 07 Oct 2022 10:43:19 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1665139399_db86e6f0-462c-11ed-a733-2235c9b4021a
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame D020 38 KB
38 KB 77ms
70ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1178940
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4FahUhOMYNCqFu8WnyP1ZzH4CoOC7Hkg3OFSej3PcbprF9zDtyN8i%2BwY%2BgRLEOdR2b%2FiYQFqFF%2F%2FS%2BWcbdaIdZuiI25F%2BOTpvTr1xyhqTGct1KSUkcGO%2BI32X0E5MAD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756608fd8fd0bbad-FRA
expires: Sat, 08 Oct 2022 10:43:19 GMT

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame D020 84 KB
84 KB 34ms
27ms Image
image/jpeg 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1136085
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C098mVHr752BshvXLQiRUH5ZcOkd51RqCkLEWHYaU0Tt8TPkPQk9AbAJ4zmq2ZtloVdI1nvvq7Yidz9zen0qv01gcSO3Ahh2gwej%2BIv%2BEsOnkSvcr35UIbenBh0iojcr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756608fd8fc5bbad-FRA
expires: Sat, 08 Oct 2022 10:43:19 GMT

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame D020 16 KB
16 KB 42ms
35ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1176620
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXKQ%2FNBuyCSokCJrGTEp67xksxRguN9TNIqDCzucqwq43Zlsna%2Fv7gMcCzO7HB5%2BG49qw6drXuPBc3hSK6pneDCY3wGL3nPzG%2FCBAsPUcGwA7bBv0eTywmoAV6ToUMVC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756608fd8fd6bbad-FRA
expires: Sat, 08 Oct 2022 10:43:19 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame D020 222 KB
222 KB 60ms
54ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1175574
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FStCFU9iAmW7u632eFuDpT2BM1X5tbU5cxXsk6L17QcQqJyNFjHKvqmV6ONYHTlwpYQ4EYy8wkjykzz5HRTzJx0PD9UYUpm3iWoyd6VMOHWy%2Ba3uHPyUtSgKTnmL1Rii"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 756608fd8fd5bbad-FRA
expires: Sat, 08 Oct 2022 10:43:19 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame D020
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.zenaps.com/cshow.php?pvr=db8400c0-462c-11ed-b2b2-2232e0b3d466&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
https://www.conrad.de/ztpv.php?awc=11354_412871_1665139399_db8400c0-462c-11ed-b2b2-2232e0b3d466&insert=AW&&gdpr=0&gdpr_consent=

0
654 B

389ms
53ms

Image
text/html

104.18.126.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1665139399_db8400c0-462c-11ed-b2b2-2232e0b3d466&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

104.18.126.5 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
via: 1.1 varnish (Varnish/6.6)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 1009817515
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=c5725ab1d3074ad1
cf-ray: 75660900ff6c9a12-FRA
expires: -1

Redirect headers

Date: Fri, 07 Oct 2022 10:43:19 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1665139399_db8400c0-462c-11ed-b2b2-2232e0b3d466&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame E319 0
40 B 314ms
13ms Image
text/plain 172.217.16.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LLYoYw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame D020 2 KB
2 KB 188ms
124ms Script
text/html 18.169.7.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hj1b8jcew7skmjhg36s89cj5xvfqwkndzk1xx9ehd6gtgkyf9pqk9m8cdxb0467y9h6r943z96084xn4svccddhcp2nndgxt2c52ev1kshnb319b20v4d2tm5g3qrw92zy4rendn0ekdzpc24t3n94tvfjtpa8kkak2b436909713jmmf45bwq87275sp3w0mhcjcfx3k6rc8fv59e23ptfj5x69xettfstcn4n7c33s9d5pnjezcmwaw777a26z8f0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%252526client%25253Dca-pub-8461867512759166%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.7.120 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-7-120.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: df7cd538898ed073e25faf264ffeed8b5e1b62f6a6217b0b317c9b7fb5daab0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 10:43:19 GMT
last-modified: Fri, 07 Oct 2022 10:43:19 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 07 Oct 2022 10:44:19 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame D020 85 KB
31 KB 57ms
9ms Script
application/javascript 18.66.147.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hj1b8jcew7skmjhg36s89cj5xvfqwkndzk1xx9ehd6gtgkyf9pqk9m8cdxb0467y9h6r943z96084xn4svccddhcp2nndgxt2c52ev1kshnb319b20v4d2tm5g3qrw92zy4rendn0ekdzpc24t3n94tvfjtpa8kkak2b436909713jmmf45bwq87275sp3w0mhcjcfx3k6rc8fv59e23ptfj5x69xettfstcn4n7c33s9d5pnjezcmwaw777a26z8f0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%252526client%25253Dca-pub-8461867512759166%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-98.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 08:20:12 GMT
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 15:27:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 8588
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: BtP5-rnWSSYNQsS1w-xse-bF0ZQmTB2iEWuIHTE3sJHQ-NFububAXg==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame D020 85 KB
85 KB 48ms
9ms Image
image/png 18.66.147.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1665139699&Signature=a7HhhME6sFsidu7oaJLjfe1yiboPrwpf0FAkkB5qNlwkPi5idLlah8CpW~~2PS-KgP4OOxkdyo~Xw8X0OY5oC0OMIZxiYxHFJiuFEPz7bnuGq6ebRJe~ghjGqbhNdJMoea18s25t-YUhPeXHmHfuzEQc1esgvWMW8ce7hfsgzZ~hdXZySXQU7JXuDRmxHXIcyiNYGZqkbs0mW~c-0C-tqE1SqsVXuIMH6lv6TW-4XaccATVcilqxndVCFu2XtSHm0QDXfgoNhu3MjXnEdZRLZGzpR-qYxvBeHDIvUJYA6UCS1WB264e1I1cYtJS4Fhw8e6Vs2sPE9XJ8JCVz3pFPIg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=6e3184dbbdb0bcc52ac064125221ba7a%2F12266327316882637105&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1665139398896&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1jcpb31kw8yqz2mmv5jr3cbv34t4mbmvbykmdbyesbmrka1rb32swyr3xf4ha1htkb0mmk2kv3awbk2rthtprfz2x64nekf3ycbs8qg1mtr1w81t4h100znzw71amxepd4ypw0b8y6bexb6ag6c978e7cw0aswwxyneazyj1y8gj4engwn521kknk0e1txpmnc5yeksdhm8zm430xcvfsefbdxnk51ff8efatnehq016thqbjsvnezzctsgt0f5vmfhtkgqt1bdk8%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCmmrtxAJAY5qYENmIxdwP0fa6uAyQ4YGEXLaoworwAsCNtwEQASAAYJXSo4KwB4IBF2NhLXB1Yi04NDYxODY3NTEyNzU5MTY2yAEJqQIj0McHP2-wPqgDAaoEwAFP0EWW8tbac_kv4aQrIT1mQUm6p5fD6ZFOSEvUbXszJMEFG89QEPPR31qMtdZXd2fg_317WpBBYik-dCb_UxEGvWH1nK3p6SDs-4m09YuNCZ6pBgFtnjE6GAcNub7ThUNDY7jMYFk8oVXew2qMU2rS7yQkrj2KD5X22cVZkZ89RgKJ_3Pcg00ZX_KIzF-6NHgcWr9r3jBkdFQShixsrurihi7zWirDWCyTthzuOx4dfqtcHp9h0YU6y2hYHSSjC-6ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1UEFyRXkbfOWNkbgOURdzqoSByiQ%2526client%253Dca-pub-8461867512759166%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-59.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 06 Oct 2022 13:06:22 GMT
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 77818
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: 5i50aCmtUMMAV-IX_KSN0MER8u8Q_H0MCdogVmYa3_Yil3gZUVQbNg==

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 50ms
50ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=4138105946784769&bg=!_f6l_rrNAAYQgTJdMIE7ACkAdvg8Wv6Jvflc4oO9FyU64WJkGTZu79V_klxys8RLLx1OPLGKk_IBcAIAAABvUgAAAAJoAQcKALL0PjB0mAeMBVGA8iv6pC7IS6QhAdA_q29t7c9B0alZtqRgyk4-X0OJ4hoSr7qfm5pINe-v3aZBftR1UtbS6sH3cKdAj1vXEnenkNggdb4PXZ6It46oC7f6jOQQab7QT9X1nTLGdirJsZ7Hd2tQoxSWw0_c9LxGQqOX8K2Gyx0Lp-CRtmIhEDlKra3x98dquezeI9M-gBQELPff1EilwBCwxt6AShSRZiem285spejTbDUZmQLNuwXuQZz3HC778TPCBlS5b6T1YBNW7CLVwpYNhEJZAGMVV1FQorel9zjAVxjCOdlDtwbWbJlB-p0VRrG5qTZ4-1FtvVlSdKAB-rCHS63AcAaf7dytjlIENQWJEeyrAnSdQJAswSBM28H-Wkd5cBpjTug406Hdv7B1X8VhaBzeOk7w9k86Nd1DkZOxmdrlYWnm_vIG66PpxQfYVv1tpsC3yh2BCXReGnxOh0hqrC3OKCYnm597SnUgp4iyIORUgqp8NSXimf5HI45hpYYq5C5NhKz8oni7HoXbo6vnJQZFIWHY_oNmDSlh3lz0we26aUghCpEal5_frQV4_SLuOLC1BJWTbelw-LjdTW7lYjKViz2uOt7ccnRJcSI4-P0Kni36T7jpCLzhWzgfHgrf7gHPJoK5YsgmQydC_cZYshTHPiUwNZ-NNZ_KGWfTfEoA6_byTOpelLK28miNlzbSgcU2HJAg_NwBbq8zmKcuu9TmFsFqjvRVV-IcAXEFDOGat1_NCvWk74SUS-oYZ44HChSwSZwzBo4k0YklY5L5dre7DfzIzgKSKJoA30ZVs-riGwZ8NRkDOGn0Nvdaoa7b8B0vAmvt2u-tYfJMhncDMBCeEui9i-jhkQGiPGHm5nuYTvB30CWYz83RoiaK70bd8Te_y-lO3hrLPcwiAOjtGNirzXgqzSZHL0Wh_4TSXvHwjDbtz6sKTOcqMJAFRLVtzbwFQnqnwQlw6Q7YmUWwU73fFUAT7YpmgO_MUP8Wuj-wUUMuGez4cLtih0OMdbraVkKLDmoTSuCmrKfXQXXQ8pZc7YwTesNhJsqkPa_RqeL58GtTgKa8nffpfxloL6nbXgmWhEOe7TLjlv4Gu1FZplYEJaW0JzyxWD7gIboaxmGpP0ioWsWuQMCRH7-_M8CWPS_zu4fZ-lLm4WyMnpvx_9LcKeAeSqa_BIzcm-gHoI7b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://scanurl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame D020 16 B
232 B 150ms
150ms Fetch
application/json 18.134.23.117

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.134.23.117 -, , ASN (),

Reverse DNS

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Oct 2022 10:43:21 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 230ms
23ms Preflight 18.134.23.117

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.23.117 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 07 Oct 2022 10:43:20 GMT
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEC8U3rBZXFienK3r3QfSWwg&google_cver=1&google_push=AZmPxg8QP9EZvcs35JOSWvflOZZ5IKkWJtszeCeICcQHL5CPG4vsAvfbutNqRr0R2iRL8NQ1O94CQ-bVlqjJtCY7VccvbtULQmlFzw

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
scanurl.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: b231mtidjnh0a2otj9t0sbbrk1
.scanurl.net/	1970-01-20 16:08:19	Name: _ga Value: GA1.2.1235290233.1665139395
.scanurl.net/	1970-01-20 06:33:45	Name: _gid Value: GA1.2.691001102.1665139395
.scanurl.net/	1970-01-20 06:32:19	Name: _gat Value: 1
.scanurl.net/	1970-01-20 15:53:55	Name: __gads Value: ID=6cc74fc0a7ee7254-2226746b3cce0061:T=1665139395:RT=1665139395:S=ALNI_Magk5f6Bt7oS1pEtfqXiUVrKIjISw
.doubleclick.net/	1970-01-20 15:53:55	Name: IDE Value: AHWqTUlI0mBxoAqY0A8j-iuc9YF4176GSpIfnbv-8crL8Kg5pbCNbkb39sBdBnhEjvc
.casalemedia.com/	1970-01-20 15:17:55	Name: CMID Value: Y0ACxQfRvRGLZTHe0y0u8QAA
.casalemedia.com/	1970-01-20 08:41:55	Name: CMPS Value: 1189
.casalemedia.com/	1970-01-20 08:41:55	Name: CMPRO Value: 1189
.quantserve.com/	1970-01-20 08:41:55	Name: d Value: EBwBCQGjJ4EA
.quantserve.com/	1970-01-20 16:02:33	Name: mc Value: 634002c5-31ae2-eff3d-4bae6
.innovid.com/	1970-01-20 08:41:55	Name: uuid Value: 2c3e3cec-f327-4567-95de-36a2b2668f8a-20221007 06:43:17
.doubleclick.net/	1970-01-20 06:32:22	Name: DSID Value: NO_DATA
.awin1.com/	1970-01-20 06:36:38	Name: awpv11354 Value: 412871\|1665139399\|db8400c0-462c-11ed-b2b2-2232e0b3d466
.awin1.com/	1970-01-20 06:42:24	Name: awpv11938 Value: 412871\|1665139399\|db86e6f0-462c-11ed-a733-2235c9b4021a
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 06:42:31	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1665139399_db86e6f0-462c-11ed-a733-2235c9b4021a%22%2C%22sp%22%3A%22awin%22%7D
.zenaps.com/	1970-01-20 06:36:38	Name: awpv11354 Value: 412871\|1665139399\|db8400c0-462c-11ed-b2b2-2232e0b3d466
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 06:39:31	Name: HTLP_timestamp Value: 1665139399
www.conrad.de/	1970-01-20 06:39:31	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 06:32:21	Name: __cf_bm Value: 9g6BdycSKkRdEV_M.fLbmsRYn7t_u7KnkBfDMWPtfnA-1665139399-0-AelzR3iIvKCrSfcRsQldnWd9hB9v/d9UyqmxNBw22RWLdfpqcOF29kKho+9zmqRkOkC2F9oOymBmOY8OXb3JtzY=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEC8U3rBZXFienK3r3QfSWwg&google_cver=1&google_push=AZmPxg8QP9EZvcs35JOSWvflOZZ5IKkWJtszeCeICcQHL5CPG4vsAvfbutNqRr0R2iRL8NQ1O94CQ-bVlqjJtCY7VccvbtULQmlFzw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221003/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-8461867512759166&fa=1&ifi=7&uci=a!7&btvi=3&xpc=xUDPLtLMvJ&p=https%3A//scanurl.net Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cdn.track.production.webgains.team
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
s0.2mdn.net
scanurl.net
ssum-sec.casalemedia.com
static-de.ad4mat.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.zenaps.com
googlecm.hit.gemius.pl
104.18.126.5
104.193.110.123
104.26.10.209
104.26.7.27
142.250.185.170
142.250.185.66
142.250.185.98
142.250.186.142
142.250.186.162
142.250.186.164
142.250.186.35
148.251.139.77
172.217.16.193
172.217.16.194
172.217.18.2
172.217.18.3
172.217.18.6
172.217.18.98
172.67.74.129
18.134.23.117
18.169.7.120
18.66.147.59
18.66.147.98
185.64.190.78
185.80.39.216
23.203.81.208
3.11.254.218
34.95.89.54
35.227.252.103
69.173.144.138
91.228.74.251
02b0828e85ebe8a2f9546ad400455eb44b75f080afec13500f72a9ec2b4fb3fb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1de33fafa47a9ed9f2c59b42da324f4135a43a142ad10bdd365c8279ab968de6
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
23b5c1186602b1deb37c6b0f0f49b7f83b9ec923758e601555540560b158b86f
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3c467c5fed64c717fe989cd27cff058b631f3c65d041298dfa4b4aa6e07085ef
3da48afbe47fc124def22b7f1998aaf96a0d8d5d5652232fdd545cd550135794
3ebd8314d52c7d3d64595d6d42e5039e6877a838fa0746eeda69d5382ee83496
3f8902b2ef1529cf29e51f884b2e620fe744652af24117c51bbd8e328af4059d
47a6b8dd5b97516c7442d8e3cb4f88a845288a06195fc2d8bfcb60d29087f3ec
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b272c6b2d4da51ffa551d8043f4c55d0aa40e64d6a818332dbec7de56dc124d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d7fef468209aab016b6eeda74904223465bad41cd4fdbc652b4deda86d0667f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564fbb1b1d49025b23a4d77a8543176cf55d547a4d21b46bed567af3a4f0b85f
5bc836ce81d97e692333649632a2b0544fc250e98234713f0ba57b14c544abf0
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
73f7254d9165529ff0900751efcf8322b97f2819bdf3ceeb101e497210150e77
781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd
7a2c6856e8437c3183ec517c59fc9724eb82cac59f685970113a7fb15ecd272c
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
9528f6e9b65fbf5f3b6c9d546c1f4aed4e43f327fb1646bfc83ebd80be7a6243
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
987107953e9eec851d560f8fd299646f27e25bcc234e76dacb6206121dac9db0
9a61fe6e2743a18f977ac18a2f805735e8dccf115b16dbbbd2e3864ae98d4c33
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a22f68901d9b1c24d067ee7bc03e726f65efb7da1547a0d5da5ed212dc30a60b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a1c1fcf9728b691ac7400d08dc2010ebb5a57031c71ef3acee1b93122d2579
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
ab63cfcecd7190094757bc211b69d95a3e9c205b9284b47a2f89a0e53c66f7c8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b985df1b23c337c5736a60b61762aee46767a86f38d25358e954b6c6a608d0db
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c30fd5981e891534b1af1ad758f5e6964a8aaac24f940763310b5bd235cdebb5
c7e2beb3e760403cfca09c5a419c3371983224c9f91e45077e4b96882069e4b3
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d47b15f9ceed997958d2926eb66869594d088cbd2e0a9cb1903d8517ed32b86e
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dcde3d3ac6821996f4d31f314ab2a97a558cfd359de203015e03660fa08b3902
ded584cb1732a8fe245f1425f7ec13460fe502f5704d46ad1d8598049b76d7ae
df7cd538898ed073e25faf264ffeed8b5e1b62f6a6217b0b317c9b7fb5daab0a
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e5e5c85497f1eacdeecc3bf982cb75bf5a4535906157e1896cb0044c4144e577
edf297b6b68e2f6f35e31793aaa4efe7786f7658039718249f5c0f43ae78cd67
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c935cd389da1c520983bc6bd066db9040e370bf8e996b07a9b248e042e8530
f5f64b070f20b7a39cad82a8faec57e66049cafbc1fdf15e3db28f84b4292ec9
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fcff2aef4ff8749540ffa43ccd0c7814fec118268e19c2a36407701e371ae91c

scanurl.net Open in urlscan Pro 104.193.110.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

96 %HTTPS

0 %IPv6

27 Domains

36 Subdomains

29 IPs

5 Countries

2007 kBTransfer

4129 kBSize

22 Cookies

5 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

scanurl.net Open in urlscan Pro
104.193.110.123 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

96 %
HTTPS

0 %
IPv6

27
Domains

36
Subdomains

29
IPs

5
Countries

2007 kB
Transfer

4129 kB
Size

22
Cookies

135 HTTP transactions
4 data transactions