en.firstgooal.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.cepba.com/wp-content/maintenance/THH/lognet1.php
Effective URL:
https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
Submission: On December 20 via manual (December 20th 2022, 4:56:44 am UTC) from IN — Scanned from DE

Summary HTTP 141 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 28 IPs in 6 countries across 28 domains to perform 141 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is en.firstgooal.com. The Cisco Umbrella rank of the primary domain is 918715.
TLS certificate: Issued by E1 on October 30th 2022. Valid for: 3 months.

This is the only time en.firstgooal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	200.68.105.151 200.68.105.151	16814 (NSS S.A.) (NSS S.A.)
1	142.11.214.173 142.11.214.173	54290 (HOSTWINDS) (HOSTWINDS)
2 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
13	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 6	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:34b4:e687:cbf8:5ec7	16509 (AMAZON-02) (AMAZON-02)
2 2	63.33.20.36 63.33.20.36	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 4	172.217.18.6 172.217.18.6	15169 (GOOGLE) (GOOGLE)
4 4	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	88.99.63.132 88.99.63.132	24940 (HETZNER-AS) (HETZNER-AS)
1	46.4.41.145 46.4.41.145	24940 (HETZNER-AS) (HETZNER-AS)
1 1	184.24.12.207 184.24.12.207	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:7e05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
141	28

2 200.68.105.151 (Buenos Aires, Argentina) 1 redirects

ASN16814 (NSS S.A., AR)
PTR: ns151.dnsarg.com

www.cepba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.11.214.173 (United States)

ASN54290 (HOSTWINDS, US)
PTR: ecdcville.com

bit-ly.mobi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

en.firstgooal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:34b4:e687:cbf8:5ec7 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.20.36 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-20-36.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.6 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 84.200.5.215 (Germany) 4 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.63.132 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de

partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.12.207 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-12-207.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	576 KB
28	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 208 ad.doubleclick.net — Cisco Umbrella Rank: 161	192 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 28664 ad4m.at — Cisco Umbrella Rank: 9760 assets.ad4m.at — Cisco Umbrella Rank: 37651	378 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	182 KB
13	firstgooal.com en.firstgooal.com — Cisco Umbrella Rank: 918715	88 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	280 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	5 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	3 KB
2	lead-alliance.net 2 redirects www.lead-alliance.net — Cisco Umbrella Rank: 71689	732 B
2	telefonica-partner.de 2 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 73979	512 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 690	493 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2234	794 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 710 r.turn.com — Cisco Umbrella Rank: 3099	869 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 89292 static-de.ad4mat.net — Cisco Umbrella Rank: 126078	4 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8549	914 B
2	cepba.com 1 redirects www.cepba.com	1 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 59744	638 B
1	awin1.com 1 redirects www.awin1.com — Cisco Umbrella Rank: 14058	694 B
1	blau.de partner.blau.de — Cisco Umbrella Rank: 90883	1 KB
1	o2online.de partner.o2online.de — Cisco Umbrella Rank: 81505	1 KB
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 761	75 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408	714 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 434	865 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 639	463 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 830	696 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	43 KB
1	bit-ly.mobi bit-ly.mobi	369 B
141	28

	Domain	Requested by
30	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.cepba.com
15	pagead2.googlesyndication.com	en.firstgooal.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.cepba.com www.googletagservices.com tpc.googlesyndication.com
13	en.firstgooal.com	www.google.com en.firstgooal.com
9	www.gstatic.com	googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	fonts.googleapis.com	googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	ad.doubleclick.net	4 redirects
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	2 redirects bit-ly.mobi tpc.googlesyndication.com
2	www.lead-alliance.net	2 redirects
2	www.telefonica-partner.de	2 redirects
2	onetag-sys.com	1 redirects googleads.g.doubleclick.net
2	match.360yield.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.cepba.com	1 redirects
1	www.conrad.de	as.ad4m.at
1	www.awin1.com	1 redirects
1	partner.blau.de	as.ad4m.at
1	partner.o2online.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	sync.mathtag.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	prod-rtb.ad4mat.net	www.cepba.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	en.firstgooal.com
1	bit-ly.mobi	www.cepba.com
141	37

This site contains links to these domains. Also see Links.

Domain
www.q2amarket.com
www.question2answer.org

Subject Issuer	Validity	Valid
mail.cepba.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
bit-ly.mobi cPanel, Inc. Certification Authority	`2022-12-10` - `2023-03-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.firstgooal.com E1	`2022-10-30` - `2023-01-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-12-13` - `2023-03-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
Frame ID: 56582B7BCDFA60BD8A4F81E82A99A04C
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 3B675E644C70811469B36E764F53EA35
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&adk=1812271804&adf=3025194257&lmt=1671512199&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199335&bpp=4&bdt=113&idt=97&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8728161850638&frm=20&pv=2&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117
Frame ID: D530A7FDFB2AD173B616E12FFAE67F58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=640&slotname=9060055302&adk=1951229012&adf=3674521187&pi=t.ma~as.9060055302&w=320&lmt=1671512199&format=320x640&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199339&bpp=1&bdt=118&idt=119&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hkRqNhFFqz&p=https%3A//en.firstgooal.com&dtd=126
Frame ID: CED65CCCE67755F59AA6BC7F5E81DDD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129
Frame ID: 2E26595CD4DCEB6E9B158282B02BC3F3
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199341&bpp=1&bdt=119&idt=131&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=2MLGlznIDj&p=https%3A//en.firstgooal.com&dtd=134
Frame ID: 5EA1198A7F0DEFD8FC1FE51DCA052016
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109
Frame ID: 6F0849F706D74DD9BD963F88B64EA81B
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: E9D937D3ECCA187CF99E042CC2D2C88A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 72868B7EE06C00D25D305577E5BC9965
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: F71305DA050EAA098A8704172FDCD5F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1671512200&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512200532&bpp=1&bdt=1311&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9b3a3e9d3ee1a715-22966f412fda00a6%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MYkRV7qcrLN0KIpCzx16LYXnfz_FQ&gpic=UID%3D00000b9564a08187%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MaguXuVhQsI51f9Y8ig-QHIX0voYQ&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&psts=ACgb8tuSX-ajBRuPre5R9G_SMAvQoMCUBQUV9R_NYTREDR94N9bdOTjOWXxnSJH-UbGMOUamb0igExowHa2_Kuk%2CACgb8tt0GNvVHUIXEg7nGncHfAxkT7f8EvQYZerF9Vjqu3B6sfMoMSPoePS3JLsXemMG339NhYui90IMw8t43XqBFw%2CACgb8tuvNP6MWiJUFi2CZKmjg81a8Z5AQAUpYbKrLYODLi3U3-7GfdMqTBv0htt6r4km-DnH9TJPbeuIc8e-mleNog&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=5PkCTf9Ehw&p=https%3A//en.firstgooal.com&dtd=6
Frame ID: 40E6900E74277EE5C8EEABD02FD0423C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5339D98AEE5E805B7EC9F37B30DFE7A2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1D121FAD817D13F37B6AB61C57D8866D
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 95AC4C32BB882A42292ACA6FDD9C3CC6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F9105649307791D07D64EBA69324C79A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CC42226874F8EB7437C1632F9F872D5B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: AC7B33BD004987A57F68F31590D86059
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CVQLYiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSkAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97L-5yHZoLIS2AEW-btf0G9YZQdFDt5d6DEN3JwgOOcQ-8WN2_zumABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTUxMTkwMjA3MDc4MjQ0MjcYAA&sigh=0MAwmcl_Fds&uach_m=[UACH]&cid=CAQSPADq26N9IiD-nYxdqR3y_aDtH2QntpAQS9ODHP8YyfoLcCKfh36mzOUYHMYwWYMWu1e_BJR-EXbI3I4KHRgBIBM
Frame ID: 069BB3D5EDB0E45BA27068C257334FAC
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kad5gyybqw0nj4pqp4a1srcgrfdab6e4zfqq25qj54gw724mh30a4vnznm0wgvpb5j5dx32xgydm3hf4n7s90fxr0wp5mk9tv3xr6mx5yx75kkkfymhge2r0js6m53eb53h6m9wk3y9w71m1fw5fwedx2waw6t230k8vj361vz4pmf4bwjz61vd4ey5nf8dsq0zd0zx8pf6ycsd6javbzwtvavttv37tj6cf5mqa9nt9zqc2q3mb8gvf75ff93fhdq1cev2bc7718ff88hy41kekfzzvm7pyn4em6j9wdpmfpxmxyhhgzh18zjj6avdwxxtxwzmhhfcpqh85qed54rejbyf09ywenc45gxa3hs733mqsecbgr97y69qgskf4wp1e5jy3zpgykxs60qpetd8zq1rt4eb7n1xm93awvdd358sjsy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%26client%3Dca-pub-5119020707824427%26adurl%3D
Frame ID: 41878F3C880DD462282AEE49F646883D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07205F39711DD926BD22A733276A5620
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: 4227FC924F99CF92FC56BD8A32F01BCE
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: A85744E5984F6BEEECE622B768569E57
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Frame ID: ED8DC6A3C41531AAA2EFBDF97A3F1E0E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 75274AB8F27FF77C17338C8FDBB84E3E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4954128A5DDCFE425DAFC633609B32C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Survey showing how the collapse of FTX and LUNA affected investor perception? - Firstgooal Q&A

Page URL History Show full URLs

https://www.cepba.com/wp-content/maintenance/THH/lognet1.php HTTP 302
https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email= Page URL
https://bit-ly.mobi/63H5U Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwi23vmBhP77... Page URL
https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

141
Requests

94 %
HTTPS

64 %
IPv6

28
Domains

37
Subdomains

28
IPs

6
Countries

1778 kB
Transfer

4129 kB
Size

31
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://www.q2amarket.com/
Title: Q2A Market

Search URL Search Domain Scan URL

URL: http://www.question2answer.org/
Title: Question2Answer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.cepba.com/wp-content/maintenance/THH/lognet1.php HTTP 302
https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email= Page URL
https://bit-ly.mobi/63H5U Page URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwi23vmBhP77AhWShP0HHYuSC8sQFnoECBAQAQ&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&usg=AOvVaw2UGmYwARLsWBUDQlKz8hSq Page URL
https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.cepba.com/wp-content/maintenance/THH/lognet1.php HTTP 302
https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email=

Request Chain 104

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 105

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBpB8Brvm93fexKoQE-bI_g&google_cver=1&google_push=AavPq0P4u2mhRO-FriA2YAyDdVyhfUizJi1sG85qieWeIAQXGh3r60Fkl0B6eHY6d2XLCwvNm9gNCIT4QHsP-bez0422wzpicgIYmhnt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk3Njk3MDQxNzM3Nzk5NTQzNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBpB8Brvm93fexKoQE-bI_g&google_cver=1

Request Chain 118

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED3Msgdhz_R4rbbK8_faenE&google_cver=1&google_push=AavPq0N84SN2emPcdpamjEkj8JRqHFJh3DV6S_zP0-3BxteKjlvsQO31DiBdasvyn4ElaWGsZ4TRsv9ro9k_HCTVYifkf2DUxQRPYD56 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N84SN2emPcdpamjEkj8JRqHFJh3DV6S_zP0-3BxteKjlvsQO31DiBdasvyn4ElaWGsZ4TRsv9ro9k_HCTVYifkf2DUxQRPYD56

Request Chain 119

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPEODb3zr8MSLw4GA3eq9C0&google_cver=1&google_push=AavPq0OFT8Rv4kzfhqPx2imYY6ZiosEuHYYL-AeEtl7aj8LB5JbQahMvynGYZ-dQAot6LrAiPmFBdwlpCtmdudzwlE8p1Y064AfiPW0r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OFT8Rv4kzfhqPx2imYY6ZiosEuHYYL-AeEtl7aj8LB5JbQahMvynGYZ-dQAot6LrAiPmFBdwlpCtmdudzwlE8p1Y064AfiPW0r&google_hm=eS1PcjY4Y0JoRTJwRjlZZjFRN0c3bGhKM2FnVUR2WmZ4dX5B

Request Chain 120

https://match.360yield.com/match/ebda?google_gid=CAESEKrhZ3fnVhKPAdqR3F3u-4c&google_cver=1&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDeUeXu5yhmhn1TBm_1x HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKrhZ3fnVhKPAdqR3F3u-4c&google_cver=1&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDeUeXu5yhmhn1TBm_1x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jrhG2R_wRM6-EOCZ7jJkgw&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDeUeXu5yhmhn1TBm_1x

Request Chain 122

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKKHn_PpCV9-V-qeP4D7PHI&google_cver=1&google_push=AavPq0OWAjEt8Jiy7gZqIYpVKTdUy2Pv7ztmX6qyl0iBRkkr_o584WlSO1s2CosKPZ-IW7LaZV8Z0t7zrs_YmA8KUPuaU7AM8nWHYDPXVA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OWAjEt8Jiy7gZqIYpVKTdUy2Pv7ztmX6qyl0iBRkkr_o584WlSO1s2CosKPZ-IW7LaZV8Z0t7zrs_YmA8KUPuaU7AM8nWHYDPXVA HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 134

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMTggZi0h_wCFYSF_Qcd7ywCRw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218

Request Chain 137

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMXlgZi0h_wCFYeZdwodHTwF9A;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3DviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005564179666418957X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0

Request Chain 140

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1671512201_b1861030-8022-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

141 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

waybill.php
www.cepba.com/wp-content/maintenance/THH/
Redirect Chain

https://www.cepba.com/wp-content/maintenance/THH/lognet1.php
https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email=

696 B
902 B

254ms
254ms

Document
text/html

200.68.105.151
NSS S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 200.68.105.151 Buenos Aires, Argentina, ASN16814 (NSS S.A., AR),
Reverse DNS: ns151.dnsarg.com
Software: Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Dec 2022 04:56:37 GMT
Keep-Alive: timeout=5, max=9
Server: Apache
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Dec 2022 04:56:36 GMT
Keep-Alive: timeout=5, max=10
Location: waybill.php?email=
Server: Apache

GET
H2 200 63H5U
bit-ly.mobi/ 607 B
369 B 835ms
141ms Document
text/html 142.11.214.173
HOSTWINDS

General

Check archive.org

Show headers Download Go to

Full URL: https://bit-ly.mobi/63H5U
Requested by: Host: www.cepba.com
URL: https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 142.11.214.173 , United States, ASN54290 (HOSTWINDS, US),
Reverse DNS: ecdcville.com
Software: Apache / PHP/7.4.33
Resource Hash

Request headers

Referer: https://www.cepba.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 253
content-type: text/html; charset=UTF-8
date: Tue, 20 Dec 2022 04:56:38 GMT
server: Apache
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 url
www.google.com/ 1 KB
2 KB 64ms
39ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwi23vmBhP77AhWShP0HHYuSC8sQFnoECBAQAQ&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&usg=AOvVaw2UGmYwARLsWBUDQlKz8hSq

Requested by

Host: bit-ly.mobi
URL: https://bit-ly.mobi/63H5U

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	0

Request headers

Referer: https://bit-ly.mobi/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bfcache-opt-in: unload
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 503
content-type: text/html; charset=UTF-8
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
date: Tue, 20 Dec 2022 04:56:38 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
origin-trial: AqRrpS1jM/HOs1rGR0CnXerKEP/QFz7qj9ApDSZqAO+0U+KcT/h/lxA6akW4ar0kT0V1bw5MD4t8O7L7OFwM5gUAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY3ODIzMzU5OX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
pragma: no-cache
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
strict-transport-security: max-age=31536000
x-xss-protection: 0

GET
H2 200 Primary Request survey-showing-collapse-luna-affected-investor-perception Show response
en.firstgooal.com/6975/ 29 KB
6 KB 430ms
398ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
Requested by: Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwi23vmBhP77AhWShP0HHYuSC8sQFnoECBAQAQ&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&usg=AOvVaw2UGmYwARLsWBUDQlKz8hSq
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc1911cb5784c8f52e1d4625bf827e07359236eb5d87b1d921efb9a29c5a7b35

Request headers

Referer: https://www.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77c5caeaaa619b34-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 04:56:39 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cb6dS8EACQNsdrf0ljgfYwfy0ChBQEGDBIFeqyHgtg3WW7s3r070wqbuRD9QDYy4R453xGsp6E24w5cAvkh3ghguk0SSNhyz4zJ7Npy%2BXi%2FW7ItJrycosMsFVWkiLDqJUo8zj7kLECfys%2FvxpEkQxw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 qa-styles.css
en.firstgooal.com/qa-theme/SnowFlat/ 70 KB
13 KB 21ms
20ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4523
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezQ98LG6Ukr%2BBcx%2Bw9kXnrcCwc75huSbPFxxEsULH6hNhI3bQdnjFndclonSCwrxJ4%2BYdH7L4rvct5PwXrAk9dPy73pGfcnZRZt0Csn%2B09mbEhVgExlqrsx8ZLJTTZcsHdqMvsGEv2ta74%2BLyaZLdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 77c5caed2dc79b34-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.5.1.min.js Show response
en.firstgooal.com/qa-content/ 87 KB
31 KB 22ms
21ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-content/jquery-3.5.1.min.js
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6815
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmBebzkt2c2522y8AEr4PeVTIKOJbUM3UJHC2eNLKoyrMWH7Xd0Yin7YPmmblajxA9CPrPHZ0pZT%2BlDWSCcGXlLEfTPR%2BHiyF0jj9%2BEjg67%2Fe%2Ba0QppEF15w5%2BVSq0s41qeBe2nZzv3%2FNPWnO%2BYhRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77c5caed2dcb9b34-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 qa-global.js Show response
en.firstgooal.com/qa-content/ 20 KB
5 KB 27ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-content/qa-global.js?1.8.6
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6815
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSrmPglNFBSxL3Au8v5YE5u%2BaNyayTQBborrqzYTTtPex9PxaACz8KeWwgvH7jUDrHcRtiOK5hZR3Z8G5IynUHZJOQgSCC5B%2Fn7CKnUaJcIFbsZbsJnAcyU8ZQCsxk6BdRu7D3y6gigKy5KSf6rmNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77c5caed2dcd9b34-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 snow-core.js Show response
en.firstgooal.com/qa-theme/SnowFlat/js/ 2 KB
1 KB 19ms
18ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/js/snow-core.js?1.8.6
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6815
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hH3wKa%2BKFTXHoiLVSoLiTr7qAkd5zUSSdfjxyZaD%2B64vGE1AotmCom2vQCzQn8UKvMwzLK%2BVeVu2P1eFmmaOTOfTO1NhO9Fn08ypCIfXfj%2B4sN7BqVSQx6lTRt6A7JBR6wePrXy5Ane2AXE%2BCko4Ew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 77c5caed2dce9b34-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 54ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427

Requested by

Host: en.firstgooal.com
URL: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc33b45263293ec5eabd643002366df8d5df896aeb804f7eafb339edf67c58f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Origin: https://en.firstgooal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49643
x-xss-protection: 0
server: cafe
etag: 6054689833727168228
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 04:56:39 GMT

GET
H3 200 vote-buttons-3.png
en.firstgooal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 14ms
14ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/vote-buttons-3.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3433
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oC6%2BRJjtSSoicxAkP0KTEogq5IhNFosqVSWbHtWYcSqSFDUn38gBI1lYG2FPch9xyNJFUd5BHO8tVGuJiYSS8x1OznfmJ9vhYgbievs%2BeJiAUI4ZvKLTiy%2BROdUBOmkD4VR%2FZlMCGXrN%2FAuUoEZS9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caed6f3dbbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1457

GET
H3 200 fontello.woff
en.firstgooal.com/qa-theme/SnowFlat/fonts/ 7 KB
8 KB 19ms
18ms Font
font/woff 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/fonts/fontello.woff?70015067
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Origin: https://en.firstgooal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2156
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJhoFQltp82fzlSK7Om05K2qhyQRR4024XBXDdFvnJscjlbf7zysuGFfyPcsAAqfrYXZhzTkVY4aWjWlqOO%2Bfrv1AXNENsmCfPUoPzYOKNh22%2BTVKTDw5fltkieser0MMOu0X23gx%2F%2F%2FtGTbCE9Z4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caed6f40bbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7200

GET
H3 200 answer-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 15ms
14ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/icons/answer-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3857
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCGRy7I104rJD22fq0N0eksvvk1mwZDyZeylDgce8PZmokVt0QTYGAqxMGT7M8CHq7y8fHvlSknj6Ebb22Om77iMx7ex15GzpFOl%2FyBiDkN3vSrabTmr1ax8FeS2%2BAyWMmAOhROr8uyDKMyfSsE%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caed7f4cbbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2867

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 63ms
46ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5119020707824427&plah=en.firstgooal.com&bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

735b3be23232701a18d29f7f71b6a4438d0ce347329596ff4493693409d80d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120012
x-xss-protection: 0
server: cafe
etag: 1900675727660566081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 04:56:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 3B67 10 KB
5 KB 31ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5119020707824427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 53774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 14:00:25 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 14:00:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 answer-select.png
en.firstgooal.com/qa-theme/SnowFlat/images/ 2 KB
2 KB 15ms
15ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/answer-select.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3422
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igeKSHgfROFMvFE3QGTBqmRWeWIcp0gPKSghoIYEku69423wXG4IxQo89WyI%2FidVYymLe3pKn8Sm3AjKdirmIbAvfJJaUdeAOa3iKYmNSy5QSibV6y8233AU%2BWoDU5pXY%2BFP6Vw83opdkiIld%2BZJSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caee0858bbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1831

GET
H3 200 link-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 19ms
19ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/icons/link-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3422
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIk1To6sx3eNJOmuJ%2BtHjaLExe5Tx5V1VAhdTdRl5lM8e15y5ZrrOMnzDuBn5YYVUlvBY9OnitObu3DMy7MMAAktvUkD1CUN3EYYNq8Ajyz5YxupSz1%2BAF80KM1ark6HlpchaGFt7cmXwKfrSDwSYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caee0859bbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3026

GET
H3 200 comment-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/icons/ 3 KB
3 KB 16ms
15ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/icons/comment-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3857
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFHITW807r0WHm4S%2FjsGlhBOLaQKn0wUk3Tm8RXtoHgz%2BrVoeb0ySPU6p6eRq5p6wAOa6YRTdEjaCD5WzovEhHXYyttaHaUC4CyAbuYi%2FG3OlS%2FT8XObBe2P%2Fdf7CaTVc7OoVnOXwisi6gHVPrQq5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caee085abbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2906

GET
H3 200 search-icon-white.png
en.firstgooal.com/qa-theme/SnowFlat/images/ 1 KB
2 KB 15ms
15ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/search-icon-white.png
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4444
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC%2BJVLpRBI3PHro3ZqcNzwZ3OE0e6yD0oHTMHlWBuJm5i1RZeuCeIfMjqIPpuh2VKBHeVwQ7Ey1V5QvuCGTEuBMTgkN6iuVti2KJKrN3umocEdf%2FYWkOvIf7iAnTu34mQosnnVk5z0%2FO7cvzrSEcRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caee085bbbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1412

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 48ms
19ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-62733008-15

Requested by

Host: en.firstgooal.com
URL: https://en.firstgooal.com/6975/survey-showing-collapse-luna-affected-investor-perception

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65f642d667248f7bbff678b8bdea6f755ddbcd4c1e492e7d6a60c25474f84c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43635
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Dec 2022 04:56:39 GMT

GET
H3 200 spinner-icon-14x14.gif
en.firstgooal.com/qa-theme/SnowFlat/images/ 8 KB
8 KB 16ms
16ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en.firstgooal.com/qa-theme/SnowFlat/images/spinner-icon-14x14.gif?1410117644
Requested by: Host: en.firstgooal.com
URL: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/qa-theme/SnowFlat/qa-styles.css?1.8.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
cf-cache-status: HIT
last-modified: Fri, 25 Nov 2022 13:03:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3422
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXAq5kJYexU0SYUzr1kNzFWaYyHyjMFBXauLEuW6u4RnJEeReUaFU3pJkMc2bLIrGbSKMLmS0%2FSw%2FAYvmtVlUHpMaNBEUKIpdZ70MJOm%2F%2BKynbbrE4CitF3tsUmLE1%2BBOqwQQxKFCSMFObqh2elh7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 77c5caee2878bbe6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7781

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
696 B 38ms
15ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=en.firstgooal.com&callback=_gfp_s_&client=ca-pub-5119020707824427&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5119020707824427&plah=en.firstgooal.com&bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a90c4dd552003071e2c21de0a1d160a689f6f057423b3db8d601b285bdc2c96d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D530 264 KB
68 KB 1037ms
1019ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&adk=1812271804&adf=3025194257&lmt=1671512199&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199335&bpp=4&bdt=113&idt=97&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8728161850638&frm=20&pv=2&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=117

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec87b51d7f7c3a8984b9a740be243c15a44d3cec1f2c6c081fcc06d69bee6560

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 69732
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:40 GMT
expires: Tue, 20 Dec 2022 04:56:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CED6 430 B
230 B 302ms
297ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=640&slotname=9060055302&adk=1951229012&adf=3674521187&pi=t.ma~as.9060055302&w=320&lmt=1671512199&format=320x640&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199339&bpp=1&bdt=118&idt=119&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfnEr%7C&abl=NF&pfx=0&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&xpc=hkRqNhFFqz&p=https%3A//en.firstgooal.com&dtd=126

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c869eee7c2ce2a353b56673701ed011a859566a2a683127c340131b69fd1268b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:39 GMT
expires: Tue, 20 Dec 2022 04:56:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2E26 86 KB
30 KB 544ms
543ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52208c2b1ba7375b1f96157575b2bf2239e088ed7bcc933775f0c687fcab4863

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31097
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:40 GMT
expires: Tue, 20 Dec 2022 04:56:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EA1 98 KB
33 KB 446ms
446ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199341&bpp=1&bdt=119&idt=131&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=2MLGlznIDj&p=https%3A//en.firstgooal.com&dtd=134

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a367f9cf3571ed5286dde52201aa83d0358491ecc24efd875369dabb2241982b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33700
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:39 GMT
expires: Tue, 20 Dec 2022 04:56:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F08 97 KB
33 KB 523ms
523ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd647e25ca1d7387ca88482d32b6526cb86f32b2bcee22f74e900f0dc5f8941d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33474
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:39 GMT
expires: Tue, 20 Dec 2022 04:56:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-62733008-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Dec 2022 03:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5522
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 20 Dec 2022 05:24:37 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
15ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=696330815&t=pageview&_s=1&dl=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Survey%20showing%20how%20the%20collapse%20of%20FTX%20and%20LUNA%20affected%20investor%20perception%3F%20-%20Firstgooal%20Q%26A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=241991736&gjid=95223122&cid=1165645210.1671512199&tid=UA-62733008-15&_gid=700983501.1671512200&_r=1&gtm=2oubu0&z=565279119

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://en.firstgooal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.firstgooal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5EA1 8 KB
1 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199341&bpp=1&bdt=119&idt=131&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=2MLGlznIDj&p=https%3A//en.firstgooal.com&dtd=134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 04:39:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:56:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5EA1 2 KB
818 B 35ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 5EA1 23 KB
10 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5EA1 3 KB
1 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32058
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 5EA1 18 KB
7 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EA1 153 KB
47 KB 59ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:56:39 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 5EA1 34 KB
14 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5EA1 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cpy4oh0ChY9SNHvOHjuwP8Ja0uAybnI_7bYTp8_DTEOq2jPG-ARABIM7I7I4BYJWCgIC4B6ABufqf1APIAQmpAuSln-wSM6I-qAMByAPLBKoEswJP0FCxb7ArblwnOOc8QVWXNhIYyD6XRDnUIjjysrIeMpX_lOb9FSPhde2hxdLwwOAZtAPfisdzb0tGztiI0TcRt0-e5xPEhy7cnclD2p67n-M1k64PHvN4L0nspOBMrkT4mQLZFkFo4jBHN5M3iy2vqt3biEe29a4BpnMUllwQEdNy0ClJyr-14O3jS0lAbmAqY79YDlyezxmmUgOaavsze0MoTTnXy1AydG24NGCTY_3j_BIyvuztZwr_h9J53p7VYR90WHLkJzQLgm-mjVW8M7qJ6_A3WZnxiQausfjT4YxL33d84-a-dRP3UatBlBO4B-wm0yaB1VpWPoJ_tx1J-xpjqEGtZNKl-aQ-b8SaVLi0awJi5C8ze5YjalB4x9wjoBaiW_GMduyZ8We9c7DQFQTkwASwo-GP8gOSBQQIBBgBkgUECAUYBKAGLoAHr4XgK6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPLFCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTUxMTkwMjA3MDc4MjQ0MjcYAA&sigh=VTIZ7sF4JCc&uach_m=[UACH]&cid=CAQSGwDq26N9b2NyHFxslC93lMhZ_wj4zGRVPVOnMhgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=155653510&adf=318908456&pi=t.ma~as.4169856551&w=708&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=708x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199341&bpp=1&bdt=119&idt=131&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=318&ady=1727&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEebr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=2MLGlznIDj&p=https%3A//en.firstgooal.com&dtd=134
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:56:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 20 Dec 2022 04:56:39 GMT

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/17797564333505401504/ Frame 5EA1 15 KB
15 KB 21ms
14ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17797564333505401504/2728354180183721846?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b377f321625f6cdf3dc40980398c8d5ae8010100b9e5829abf92734eab3847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 05:43:24 GMT
x-content-type-options: nosniff
age: 429195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15341
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 13:22:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Dec 2023 05:43:24 GMT

GET
DATA 200
OK truncated
/ Frame 5EA1 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5EA1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5EA1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f3c69a00257cbd9c7189286843ba03ba5febbf57fe11dca020326fc25762be1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 6F08 8 KB
895 B 36ms
17ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:12:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6F08 2 KB
765 B 28ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 6F08 23 KB
9 KB 29ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6F08 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 6F08 18 KB
7 KB 30ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F08 153 KB
47 KB 34ms
17ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 6F08 34 KB
14 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2E26 6 KB
672 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:57:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2E26 2 KB
765 B 15ms
14ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 2E26 23 KB
9 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2E26 3 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2E26 18 KB
7 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E26 153 KB
47 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 2E26 34 KB
14 KB 20ms
9ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F08 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYA8Kh0ChY-64HruHjuwPtMetwAiRsIz-baCtq821EJuByqrtMBABIM7I7I4BYJWCgICQB6AB56eY3wLIAQmpAseJkOVnyLE-qAMByAPLBKoEsgJP0BgL8nQa9dWmfenCqPFZ7LbWTwgR7acVlaVeS8Iikt8wr-A13xtd4vhUGD0Cyc4Bdb4ybV90kD7gwNJgaRfATe5THf_4765fD7779LVoAZHfHtmFJAWZkRgGTnaCWVrP1Z_RslBdPwvEo00W41JKjaiTK-MOUvl8lvLtDmciD22dIqHFNLrjl33WQnlZtopP5MckB44sO4gOy55JArHR1vL5LihzDPj_g5OABfUTM5JG0WfyRFOLKUWpwC8vp4SuBpOY-wwmhfZoVVLof0aIMF5LKv0uSR9PIJWtYj1ADozhe4HEtVAK36CVVuzSDzyeZog-UQbtk2c38iT8FpJ7LA_wTPDs7FGO6PNwBdJhn6HcyiKoxwDKsbsUMBK75d9ld2hb9as9jbzV5_xwxbtueDrABPCH7NngA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeB2OegAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMXHE9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTUxMTkwMjA3MDc4MjQ0MjcYAA&sigh=eASTggiZRIA&uach_m=[UACH]&cid=CAQSGwDq26N9QoF74e8ckABb3dlhthjoUNG7_aJp2hgBIBM&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:56:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2E26 0
0 56ms
52ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cio3oh0ChY7TfHcP_3wP87JPwBe_dlIJu3eGf3t0QjJ2ExP4OEAEgzsjsjgFglYKAgLgHoAHe2fWMKcgBCakCDBIuFgfMsT6oAwHIA8sEqgSqAk_Qu93RiiHQzPKDxn9KbqFTeHP1hriOCnw2ANxU7WlvKUqUtaUTraszTW6UzBoY43Hw1Ytue4pFGPKaLG8n0exDpTmNg5k8CqM0kKN8PuyR9EYk1StTlWmFCZN7khr9WyIRYgKLNbb7NEWrec2xSRmAsYewKQKVdCPf7DNsMBg5HXMdOcvteMUb_mSbEt3xcFtc0YhQwYw-4BGyXIZrTp2qFz9Gz6OwvzKAT22wVJJCCwB6we-FaYpEmCQdCxI2x8-o1XEaTZqUaTFqYoOgqo22roFRrRQJwjwDMiZtOxeQ4qN0z-83kLBaLNAJdf2oYGMMGMFz103kIKMK9ElZY9eU7CXVkh58jHtre7tndE-PWWGsudz9JkJM_nQRtcmMf7ci--BbvGtU3s_ABPXD9NOUBJIFBAgEGAGSBQQIBRgEoAYugAfekcbsA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJnmC9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi01MTE5MDIwNzA3ODI0NDI3GAA&sigh=ysTI3wyGIyc&uach_m=[UACH]&cid=CAQSGwDq26N99ts9cHQ5RDHoI9Leo6Vv_twn6F0nUhgBIBM&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:56:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/6063972444542556210/ Frame 2E26 76 KB
76 KB 10ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6063972444542556210/14763004658117789537

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f63ba732f86b82e5cd73a7bb3a8584dfaabd9d59d0210aed84a1c58fca9d4a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 17 Dec 2022 12:23:52 GMT
x-content-type-options: nosniff
age: 232368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77317
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 21:06:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 17 Dec 2023 12:23:52 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/11055800874229895024/ Frame 2E26 10 KB
10 KB 15ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11055800874229895024/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 11:00:07 GMT
x-content-type-options: nosniff
age: 150993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10673
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 21:06:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 11:00:07 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/16219658952005295331/ Frame 6F08 30 KB
30 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16219658952005295331/14763004658117789537?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29aba457c277278516480abb675c844f12e33896e08eafb34e06695ebeeef761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:41:38 GMT
x-content-type-options: nosniff
age: 162902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30455
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 14:55:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 18 Dec 2023 07:41:38 GMT

GET
DATA 200
OK truncated
/ Frame 6F08 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6F08 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 5EA1 28 KB
28 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 372059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 21:35:41 GMT

GET
DATA 200
OK truncated
/ Frame 6F08 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be9473e05b07647a8d0418abe9e30527781bf152097433e9ba86b7fa9652815

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 6F08 28 KB
28 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 372059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 21:35:41 GMT

GET
DATA 200
OK truncated
/ Frame 2E26 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78ab873cd0de5bd4c8a2b6a87d85b95a047eed79c6d5a15366aa08014281fb28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame E9D9 36 KB
16 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7286 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=111264467&adf=1056458448&pi=t.ma~as.4169856551&w=1004&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=1004x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199373&bpp=6&bdt=152&idt=108&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640%2C748x280%2C708x280&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeEbr%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=K0yg0wfyBx&p=https%3A//en.firstgooal.com&dtd=109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E26 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 288956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:40:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E26 15 KB
16 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 43908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 16:44:52 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E26 15 KB
15 KB 17ms
16ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 378865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 19:42:15 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F713 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=280&slotname=4169856551&adk=3602340273&adf=1528403788&pi=t.ma~as.4169856551&w=748&fwrn=4&fwrnh=100&lmt=1671512199&rafmt=1&format=748x280&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512199340&bpp=1&bdt=119&idt=127&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C320x640&nras=1&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CEe%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=rhgFHHZBR3&p=https%3A//en.firstgooal.com&dtd=129

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 39ms
22ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba9c6b6fc81aa86219088472877d00f9400e588b924a8af157cc4580abdd4a32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11199
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 151 KB
51 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/reactive_library_fy2021.js?bust=31071220

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f487a8e2eb60caa6603feadd7fc7457f3c2cdd4f4a44ace6fe01113795c08e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52378
x-xss-protection: 0
server: cafe
etag: 7846072590375987812
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=en.firstgooal.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40E6 31 KB
12 KB 257ms
256ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1671512200&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512200532&bpp=1&bdt=1311&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9b3a3e9d3ee1a715-22966f412fda00a6%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MYkRV7qcrLN0KIpCzx16LYXnfz_FQ&gpic=UID%3D00000b9564a08187%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MaguXuVhQsI51f9Y8ig-QHIX0voYQ&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&psts=ACgb8tuSX-ajBRuPre5R9G_SMAvQoMCUBQUV9R_NYTREDR94N9bdOTjOWXxnSJH-UbGMOUamb0igExowHa2_Kuk%2CACgb8tt0GNvVHUIXEg7nGncHfAxkT7f8EvQYZerF9Vjqu3B6sfMoMSPoePS3JLsXemMG339NhYui90IMw8t43XqBFw%2CACgb8tuvNP6MWiJUFi2CZKmjg81a8Z5AQAUpYbKrLYODLi3U3-7GfdMqTBv0htt6r4km-DnH9TJPbeuIc8e-mleNog&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=5PkCTf9Ehw&p=https%3A//en.firstgooal.com&dtd=6

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cd7589fdfb2e5e2270125b6f55d48c05e92480c68ebdc6851990a57e41e1f15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 12213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 1079ms
1079ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:56:41 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 5339 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 1D12 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 39287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 18:01:53 GMT
etag: 10353107486223812946
expires: Mon, 02 Jan 2023 18:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 5339 4 KB
636 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:19:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5339 205 B
229 B 8ms
8ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 22:06:14 GMT
x-content-type-options: nosniff
age: 24626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 19 Dec 2023 22:06:14 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5339 604 B
628 B 9ms
9ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 03:00:31 GMT
x-content-type-options: nosniff
age: 6969
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Dec 2023 03:00:31 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 5339 19 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 06:12:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 06:12:58 GMT

GET
H3 200 1eaa1e49c6d827e7897bafa951c60a71.js Show response
www.gstatic.com/mysidia/ Frame 1D12 9 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1eaa1e49c6d827e7897bafa951c60a71.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 07:28:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4197
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 07:28:38 GMT

GET
H3 200 890d6e0a5dc19f9d14ccf82aa8feec6a.js Show response
www.gstatic.com/mysidia/ Frame 1D12 10 KB
4 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/890d6e0a5dc19f9d14ccf82aa8feec6a.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 18:17:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124736
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 18 Mar 2023 18:17:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 1D12 8 KB
895 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 04:30:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1D12 2 KB
765 B 10ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1D12 23 KB
9 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1D12 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1D12 18 KB
7 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D12 153 KB
47 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 1D12 34 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1D12 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoRQ0h0ChY6XoHcSbrASctI0IhYHn_W2CztykixG_4R4QASDOyOyOAWCVgoCAuAegAY-MxKIDyAEBqQIMEi4WB8yxPqgDAcgDywSqBK0CT9CjFZj-hI2EA3ncyDKeVIXp1ANX1LjPwI-eK0Xda1oFcitf3-PHt7BGDh0wNHyO_i_ESelnDyxzy5o-ugyIwaAlc1_xTzx_cs8Yn29L2WWQu3X9IXX2b5NiVJD0smTsmd7i_0MtV5c5Xx49qqqZcgotAo8WpogjX0oBUV2NaclYokvV-AGj3iu-ZVwwfriCYEY7wWo8Pbr3yy_N_7s9Ylf6qBrQdQIG4QGy1-v3gvr7QzGmTXN7LV105YA8c-fp0DMIoFLv9VIleXGP_n6ZJeX5n3fMKePBRnMB05VlcbAOvFxRajckPOAIpzMvNXB9s67Y5n0by5ucrwQVO7q4qy4e8s-wUjYellELiGFDmgsVfQIwdwiWsFPB4UGuXBF1zgq1yyb4CkyEBzB968AEmo6s2aMEgAfZ87tdqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ278M0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwPQFQGYFgGAFwGyFxwKGggAEhRwdWItNTExOTAyMDcwNzgyNDQyNxgA&sigh=4k2SuOVXi48&uach_m=[UACH]&cid=CAQSGwDq26N9pjR2Hd0L5Ni9W5p8H6jF54gPzTIdahgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:56:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 95AC 8 KB
895 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Dec 2022 03:34:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 95AC 2 KB
765 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 95AC 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 95AC 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 95AC 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95AC 153 KB
47 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 95AC 34 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 16:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 23:34:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 Mar 2023 16:52:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F910 143 B
166 B 8ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1D12 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 143daad80da8fd7212166e55b02db27e12112bc0cc53bc29fccb8bb4e9f13db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC42 143 B
166 B 9ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 697
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:45:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F910
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:40 GMT
expires: Tue, 20 Dec 2022 04:56:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CC42
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
27ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:40 GMT
expires: Tue, 20 Dec 2022 04:56:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame AC7B 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: www.cepba.com
URL: https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 069B 0
0 52ms
51ms Fetch
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVQLYiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSkAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97L-5yHZoLIS2AEW-btf0G9YZQdFDt5d6DEN3JwgOOcQ-8WN2_zumABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTUxMTkwMjA3MDc4MjQ0MjcYAA&sigh=0MAwmcl_Fds&uach_m=[UACH]&cid=CAQSPADq26N9IiD-nYxdqR3y_aDtH2QntpAQS9ODHP8YyfoLcCKfh36mzOUYHMYwWYMWu1e_BJR-EXbI3I4KHRgBIBM

Requested by

Host: www.cepba.com
URL: https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1671512200&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512200532&bpp=1&bdt=1311&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9b3a3e9d3ee1a715-22966f412fda00a6%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MYkRV7qcrLN0KIpCzx16LYXnfz_FQ&gpic=UID%3D00000b9564a08187%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MaguXuVhQsI51f9Y8ig-QHIX0voYQ&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&psts=ACgb8tuSX-ajBRuPre5R9G_SMAvQoMCUBQUV9R_NYTREDR94N9bdOTjOWXxnSJH-UbGMOUamb0igExowHa2_Kuk%2CACgb8tt0GNvVHUIXEg7nGncHfAxkT7f8EvQYZerF9Vjqu3B6sfMoMSPoePS3JLsXemMG339NhYui90IMw8t43XqBFw%2CACgb8tuvNP6MWiJUFi2CZKmjg81a8Z5AQAUpYbKrLYODLi3U3-7GfdMqTBv0htt6r4km-DnH9TJPbeuIc8e-mleNog&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=5PkCTf9Ehw&p=https%3A//en.firstgooal.com&dtd=6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 20 Dec 2022 04:56:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 069B 0
0 246ms
17ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1jn9endbb4n4f030azm0emnbdvnxj0mx3mp72bm757ys5b51vkg6sgqkb60fj18v4v67f4v1dazy0grrxhnwwdz81wkrryenjwba7cn0mvce8eny494bbzarycy9z71mhfqxh0be2zqt31p38wb2r4a1vvr142y2gfyae0n2a4xv6s7v6mfnyhy2cr30knwafvz4ekvnzr0r013n6hg1f604sbnens2tm7qh9xrb91hzxznmqhqhrjgt96xbfpxvdjvjvpn9vw35t9akrwc33v32frv767zsdpzngedg5jpdvt0xg5anqe0mxejwxm651b4memhtad3p5gw118z8gb3pzzzf3pyf8p9ym44dz8gzgewq2cdre29w6ycbg40cb73ecp4x10&b=Y6FAiAAIjBkKixVSAAcyCGVfnmbp_M4aZ70Jmw
Requested by: Host: www.cepba.com
URL: https://www.cepba.com/wp-content/maintenance/THH/waybill.php?email=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 20 Dec 2022 04:56:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 4187 2 KB
3 KB 287ms
60ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1kad5gyybqw0nj4pqp4a1srcgrfdab6e4zfqq25qj54gw724mh30a4vnznm0wgvpb5j5dx32xgydm3hf4n7s90fxr0wp5mk9tv3xr6mx5yx75kkkfymhge2r0js6m53eb53h6m9wk3y9w71m1fw5fwedx2waw6t230k8vj361vz4pmf4bwjz61vd4ey5nf8dsq0zd0zx8pf6ycsd6javbzwtvavttv37tj6cf5mqa9nt9zqc2q3mb8gvf75ff93fhdq1cev2bc7718ff88hy41kekfzzvm7pyn4em6j9wdpmfpxmxyhhgzh18zjj6avdwxxtxwzmhhfcpqh85qed54rejbyf09ywenc45gxa3hs733mqsecbgr97y69qgskf4wp1e5jy3zpgykxs60qpetd8zq1rt4eb7n1xm93awvdd358sjsy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%26client%3Dca-pub-5119020707824427%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1671512200&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512200532&bpp=1&bdt=1311&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9b3a3e9d3ee1a715-22966f412fda00a6%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MYkRV7qcrLN0KIpCzx16LYXnfz_FQ&gpic=UID%3D00000b9564a08187%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MaguXuVhQsI51f9Y8ig-QHIX0voYQ&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&psts=ACgb8tuSX-ajBRuPre5R9G_SMAvQoMCUBQUV9R_NYTREDR94N9bdOTjOWXxnSJH-UbGMOUamb0igExowHa2_Kuk%2CACgb8tt0GNvVHUIXEg7nGncHfAxkT7f8EvQYZerF9Vjqu3B6sfMoMSPoePS3JLsXemMG339NhYui90IMw8t43XqBFw%2CACgb8tuvNP6MWiJUFi2CZKmjg81a8Z5AQAUpYbKrLYODLi3U3-7GfdMqTBv0htt6r4km-DnH9TJPbeuIc8e-mleNog&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=5PkCTf9Ehw&p=https%3A//en.firstgooal.com&dtd=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247a43d8ce2bbc38b8df7dcaf65afbec014dbac1b6217fc4c2aac36ecd8e6ea9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77c5caf89d23bb80-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:41 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 069B 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 20:02:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 20:02:21 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0720 1 KB
643 B 230ms
7ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 54681
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 13:45:20 GMT
etag: 48472445140208031
expires: Tue, 20 Dec 2022 13:45:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 069B 18 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 11:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Jan 2023 11:39:21 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 069B 153 KB
47 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 4227 36 KB
16 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
DATA 200
OK truncated
/ Frame 069B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb39b6e853399ccb8cd2af2b6c43232e2fc840b466f18c18be533ff00e77989b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0720
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBpB8Brvm93fexKoQE-bI_g&google_cver=1&google_push=AavPq0P4u2mhRO-FriA2YAyDdVyhfUizJi1sG85qieWeIAQXGh3r60Fkl0B6eHY6d2XLCwvNm9gNCIT4QHsP-bez0422wzpicgIYmhnt
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk3Njk3MDQxNzM3Nzk5NTQzNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBpB8Brvm93fexKoQE-bI_g&google_cver=1

43 B
398 B

56ms
21ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBpB8Brvm93fexKoQE-bI_g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1671512200&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512200532&bpp=1&bdt=1311&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9b3a3e9d3ee1a715-22966f412fda00a6%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MYkRV7qcrLN0KIpCzx16LYXnfz_FQ&gpic=UID%3D00000b9564a08187%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MaguXuVhQsI51f9Y8ig-QHIX0voYQ&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&psts=ACgb8tuSX-ajBRuPre5R9G_SMAvQoMCUBQUV9R_NYTREDR94N9bdOTjOWXxnSJH-UbGMOUamb0igExowHa2_Kuk%2CACgb8tt0GNvVHUIXEg7nGncHfAxkT7f8EvQYZerF9Vjqu3B6sfMoMSPoePS3JLsXemMG339NhYui90IMw8t43XqBFw%2CACgb8tuvNP6MWiJUFi2CZKmjg81a8Z5AQAUpYbKrLYODLi3U3-7GfdMqTBv0htt6r4km-DnH9TJPbeuIc8e-mleNog&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=5PkCTf9Ehw&p=https%3A//en.firstgooal.com&dtd=6
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 20 Dec 2022 04:56:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBpB8Brvm93fexKoQE-bI_g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 0720 35 B
463 B 46ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKDtMRODZeYqDtuE8Re6lVM&google_cver=1&google_push=AavPq0NoLAsU--zpWZE1YiKpVlE5lgOQczhBKAVpX3ZTNZZiIU1BOSKigcZOZLQQiIBqS3ioTJkgqUbIUeqwrZhibGE6rQd0zKIimuU

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESED3Msgdhz_R4rbbK8_faenE&google_cver=1&google_push=AavPq0N84SN2emPcdpamjEkj8JRqHFJh3DV6S_zP0-3BxteKjlvsQO31DiBdasvyn4ElaWGsZ4TRsv9ro9k_HCTV...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N84SN2emPcdpamjEkj8JRqHFJh3DV6S_zP0-3BxteKjlvsQO31DiBdasvyn4ElaWGsZ4TRsv9ro9k_HCTVYifkf2DUxQRPYD56

170 B
188 B

35ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N84SN2emPcdpamjEkj8JRqHFJh3DV6S_zP0-3BxteKjlvsQO31DiBdasvyn4ElaWGsZ4TRsv9ro9k_HCTVYifkf2DUxQRPYD56

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 20 Dec 2022 04:56:41 GMT
Server: MT3 254 34fcae8 master zrh-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AavPq0N84SN2emPcdpamjEkj8JRqHFJh3DV6S_zP0-3BxteKjlvsQO31DiBdasvyn4ElaWGsZ4TRsv9ro9k_HCTVYifkf2DUxQRPYD56
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 20 Dec 2022 04:56:40 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPEODb3zr8MSLw4GA3eq9C0&google_cver=1&google_push=AavPq0OFT8Rv4kzfhqPx2imYY6ZiosEuHYYL-AeEtl7aj8LB5JbQahMvynGYZ-dQAot6LrAiPmFBdwlpCtmdudzwlE8p1Y0...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OFT8Rv4kzfhqPx2imYY6ZiosEuHYYL-AeEtl7aj8LB5JbQahMvynGYZ-dQAot6LrAiPmFBdwlpCtmdudzwlE8p1Y064AfiPW0r&google_hm=eS1PcjY4Y0JoRTJwRj...

170 B
188 B

23ms
23ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OFT8Rv4kzfhqPx2imYY6ZiosEuHYYL-AeEtl7aj8LB5JbQahMvynGYZ-dQAot6LrAiPmFBdwlpCtmdudzwlE8p1Y064AfiPW0r&google_hm=eS1PcjY4Y0JoRTJwRjlZZjFRN0c3bGhKM2FnVUR2WmZ4dX5B

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Dec 2022 04:56:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0OFT8Rv4kzfhqPx2imYY6ZiosEuHYYL-AeEtl7aj8LB5JbQahMvynGYZ-dQAot6LrAiPmFBdwlpCtmdudzwlE8p1Y064AfiPW0r&google_hm=eS1PcjY4Y0JoRTJwRjlZZjFRN0c3bGhKM2FnVUR2WmZ4dX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0720
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEKrhZ3fnVhKPAdqR3F3u-4c&google_cver=1&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDeUeXu5yh...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKrhZ3fnVhKPAdqR3F3u-4c&google_cver=1&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDeU...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jrhG2R_wRM6-EOCZ7jJkgw&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDe...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jrhG2R_wRM6-EOCZ7jJkgw&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDeUeXu5yhmhn1TBm_1x

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=jrhG2R_wRM6-EOCZ7jJkgw&google_push=AavPq0Ns6ALhH5UMI4uwtQJv6U98Lvnf4YG6d1C2WGJpqjcDLq1QLPQ3DknajCyxIj7uiUPt4TAdk8lTS-h0GDeUeXu5yhmhn1TBm_1x
access-control-allow-origin: *
date: Tue, 20 Dec 2022 04:56:41 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 0720 0
75 B 128ms
20ms Image
text/plain 185.86.137.108
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENS6e-OEVOXOiVgDYf4Nwso&google_cver=1&google_push=AavPq0N5zqKSGPO0J013QymPyV7Em0eIxlF0agiReep9o8PzK0QOdsSc0zbS380LgiQQljgMjSV3sFi-6B68EEZ464HQe4gXgUgby1J2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5119020707824427&output=html&h=90&adk=786118409&adf=1588159632&pi=t.aa~a.2977023874~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1671512200&rafmt=1&to=qs&pwprc=3341669447&format=1004x90&url=https%3A%2F%2Fen.firstgooal.com%2F6975%2Fsurvey-showing-collapse-luna-affected-investor-perception&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671512200532&bpp=1&bdt=1311&idt=1&shv=r20221207&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9b3a3e9d3ee1a715-22966f412fda00a6%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MYkRV7qcrLN0KIpCzx16LYXnfz_FQ&gpic=UID%3D00000b9564a08187%3AT%3D1671512199%3ART%3D1671512199%3AS%3DALNI_MaguXuVhQsI51f9Y8ig-QHIX0voYQ&prev_fmts=0x0%2C320x640%2C748x280%2C708x280%2C1004x280&nras=2&correlator=8728161850638&frm=20&pv=1&ga_vid=1165645210.1671512199&ga_sid=1671512199&ga_hid=696330815&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=2358&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777508%2C31071220%2C44780792&oid=2&psts=ACgb8tuSX-ajBRuPre5R9G_SMAvQoMCUBQUV9R_NYTREDR94N9bdOTjOWXxnSJH-UbGMOUamb0igExowHa2_Kuk%2CACgb8tt0GNvVHUIXEg7nGncHfAxkT7f8EvQYZerF9Vjqu3B6sfMoMSPoePS3JLsXemMG339NhYui90IMw8t43XqBFw%2CACgb8tuvNP6MWiJUFi2CZKmjg81a8Z5AQAUpYbKrLYODLi3U3-7GfdMqTBv0htt6r4km-DnH9TJPbeuIc8e-mleNog&pvsid=1580426415818966&tmod=1200627025&uas=0&nvt=1&ref=https%3A%2F%2Fwww.google.com%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=5PkCTf9Ehw&p=https%3A//en.firstgooal.com&dtd=6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 0720
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEKKHn_PpCV9-V-qeP4D7PHI&google_cver=1&google_push=AavPq0OWAjEt8Jiy7gZqIYpVKTdUy2Pv7ztmX6qyl0iBRkkr_o584WlSO1s2CosKPZ-IW7LaZV8Z0t7zrs_...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0OWAjEt8Jiy7gZqIYpVKTdUy2Pv7ztmX6qyl0iBRkkr_o584WlSO1s2CosKPZ-IW7LaZV8Z0t7zrs_YmA8KUPuaU7AM8nWHYDPXVA
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

8ms
8ms

Image
text/plain

51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0720 0
232 B 53ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtTPj3A-DKU-4KXqmd2vHG5LZ4Pq9nUUd3IS7EUQGTPoAtXXqpms70HEJJK5iWnadwyrk5zQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 4187 89 KB
12 KB 32ms
18ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kad5gyybqw0nj4pqp4a1srcgrfdab6e4zfqq25qj54gw724mh30a4vnznm0wgvpb5j5dx32xgydm3hf4n7s90fxr0wp5mk9tv3xr6mx5yx75kkkfymhge2r0js6m53eb53h6m9wk3y9w71m1fw5fwedx2waw6t230k8vj361vz4pmf4bwjz61vd4ey5nf8dsq0zd0zx8pf6ycsd6javbzwtvavttv37tj6cf5mqa9nt9zqc2q3mb8gvf75ff93fhdq1cev2bc7718ff88hy41kekfzzvm7pyn4em6j9wdpmfpxmxyhhgzh18zjj6avdwxxtxwzmhhfcpqh85qed54rejbyf09ywenc45gxa3hs733mqsecbgr97y69qgskf4wp1e5jy3zpgykxs60qpetd8zq1rt4eb7n1xm93awvdd358sjsy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%26client%3Dca-pub-5119020707824427%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1kad5gyybqw0nj4pqp4a1srcgrfdab6e4zfqq25qj54gw724mh30a4vnznm0wgvpb5j5dx32xgydm3hf4n7s90fxr0wp5mk9tv3xr6mx5yx75kkkfymhge2r0js6m53eb53h6m9wk3y9w71m1fw5fwedx2waw6t230k8vj361vz4pmf4bwjz61vd4ey5nf8dsq0zd0zx8pf6ycsd6javbzwtvavttv37tj6cf5mqa9nt9zqc2q3mb8gvf75ff93fhdq1cev2bc7718ff88hy41kekfzzvm7pyn4em6j9wdpmfpxmxyhhgzh18zjj6avdwxxtxwzmhhfcpqh85qed54rejbyf09ywenc45gxa3hs733mqsecbgr97y69qgskf4wp1e5jy3zpgykxs60qpetd8zq1rt4eb7n1xm93awvdd358sjsy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%26client%3Dca-pub-5119020707824427%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 576567
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMN7E9Z6BYuxD9cgB5R9QnvhYvWUv6GApSJhDkfZiPiFrywyAoJ7wohigLFR%2FxJg2x2t%2BkFTehl4DPwax7APWVyioxKfheYpVCbUACOj8wnyjjxk9Yte5fjGrfGfKMLW46AEL1CwhDA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77c5caf92c429293-FRA
expires: Tue, 20 Dec 2022 05:56:41 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 4187 35 KB
12 KB 27ms
20ms Script
application/javascript 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kad5gyybqw0nj4pqp4a1srcgrfdab6e4zfqq25qj54gw724mh30a4vnznm0wgvpb5j5dx32xgydm3hf4n7s90fxr0wp5mk9tv3xr6mx5yx75kkkfymhge2r0js6m53eb53h6m9wk3y9w71m1fw5fwedx2waw6t230k8vj361vz4pmf4bwjz61vd4ey5nf8dsq0zd0zx8pf6ycsd6javbzwtvavttv37tj6cf5mqa9nt9zqc2q3mb8gvf75ff93fhdq1cev2bc7718ff88hy41kekfzzvm7pyn4em6j9wdpmfpxmxyhhgzh18zjj6avdwxxtxwzmhhfcpqh85qed54rejbyf09ywenc45gxa3hs733mqsecbgr97y69qgskf4wp1e5jy3zpgykxs60qpetd8zq1rt4eb7n1xm93awvdd358sjsy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%26client%3Dca-pub-5119020707824427%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2022 06:17:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 599207
etag: W/"49e3b0ffd5e74f27b691e89cf271d672"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YE5kl32TvL8Qm3kS66%2FS1wZ9OPdOm1%2Fk8Nyfu0fOQ4J59U7SzlfHlzH%2FBZPGS4T4Uw9vWsME8Tx2kU0tvg81mPz9ssqr%2FBLb7oHHw4h6m75xWRzO7wuPkl%2F1lptPW1EUHr6L5vE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 77c5caf91e03bb80-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 13 Dec 2022 06:18:09 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 4187 3 KB
4 KB 49ms
20ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25447232
x-guploader-uploadid: ADPycdsAM1RKIW8NW9FXGsxgzhi5bSYe4VqqEbCt8J5Oc8iEgAF2SjSQc54Zb1FETUd5c-MZGmZZMUkSoxlmANI9NVVBPD3Irw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfeLpIsAnPpGzOIrCePc7mKFJxzZPEDqO68m7aOwFJhnj%2BX%2BOpyyISEK7cWFThRHLgg%2FApYOQt21LcdEJy8bwn6Los2xU5qvwUjd3bkL8Ztcg%2B39Pl%2F0uRFtBiLvOWm9U7d5i97EDIZnqF8Y88eARAo2"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 77c5caf9886c9bf4-FRA
expires: Tue, 28 Feb 2023 16:16:09 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame A857 2 KB
1 KB 18ms
17ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1781124
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 77c5caf96c829293-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 20 Dec 2022 04:56:41 GMT
expires: Sat, 26 Nov 2022 23:36:57 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CXF8I71wYorOcdjHe0nrP3X5GILQy2R5d7EXC0tZGBH%2BGT3T%2BKG5PbFZoPzLJiitsQ%2BzR8oY%2BDRkm%2Bn%2BShAzGnYrDi1ZeqGZelzy1X%2FEsg8gtquqsM%2BHR%2FkHaLFrJEPHtCODQ9E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 4187 2 KB
2 KB 39ms
38ms XHR
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6c80048fca18cc45f6c0749133c56392fa296253e0797f1b6cb5748eb15487e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGTgx10MPDtpRsbn14gWvHV9GCPPViVvuPVOCs%2Frg9S%2BVwnIXawBmCVJwekYNEBFM3XlpmogAO5ZA2Rh3wANtPv21dQpRC5SyARIAwor5DPu4dm4Ij5uWni8Ufuwzrf3KlsZ2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 77c5caf9d8be9220-FRA
x-backend-server: aa-reachservice-group-europe-west1-tbx2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 44ms
32ms Preflight
text/plain 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 77c5caf9a8899220-FRA
content-length: 24
content-type: text/plain
date: Tue, 20 Dec 2022 04:56:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL2TA0UUteZLLLX1%2FA6tUagUeBw67FXfBvGc30wWml66qP%2Bp6kOQIYHhpdEzIzSbye1BnUbk6RYzvpROzObyYICdmq0t9NvQAyjVcXU1LgJ%2FVAJo3fkfxl%2FPiEVXp%2BfUxKwir4w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-tbx2

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame ED8D 10 KB
4 KB 24ms
23ms Document
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e9556a8754dd91d36960cd93a25ec953ce7e4f4f0c2b09fb53b847409ca99d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1kad5gyybqw0nj4pqp4a1srcgrfdab6e4zfqq25qj54gw724mh30a4vnznm0wgvpb5j5dx32xgydm3hf4n7s90fxr0wp5mk9tv3xr6mx5yx75kkkfymhge2r0js6m53eb53h6m9wk3y9w71m1fw5fwedx2waw6t230k8vj361vz4pmf4bwjz61vd4ey5nf8dsq0zd0zx8pf6ycsd6javbzwtvavttv37tj6cf5mqa9nt9zqc2q3mb8gvf75ff93fhdq1cev2bc7718ff88hy41kekfzzvm7pyn4em6j9wdpmfpxmxyhhgzh18zjj6avdwxxtxwzmhhfcpqh85qed54rejbyf09ywenc45gxa3hs733mqsecbgr97y69qgskf4wp1e5jy3zpgykxs60qpetd8zq1rt4eb7n1xm93awvdd358sjsy0&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%26client%3Dca-pub-5119020707824427%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 77c5cafa2d459293-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:41 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame ED8D 89 KB
11 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1670930538
age: 576567
cf-polished: origSize=91628
x-guploader-uploadid: ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 13 Dec 2022 11:22:46 GMT
server: cloudflare
etag: W/"575def06e70febb0cbd25403e37880bf"
vary: Accept-Encoding
x-goog-generation: 1670930566724484
content-type: text/css
x-goog-hash: crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LeMLFWwo892GDkwbOAvoNl8Sp71SlRjNtfRJ9yF9XKVhR87jGI4uLG%2BRyGJBI2OEzBlOJJSHml1PDpTK%2ByjJelD0PCqmFPxe3B8IukgP7%2BiVRZF57dt7hQAk5pwQyiZohZJ1vrY91Dc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 91628
cf-ray: 77c5cafa5d809293-FRA
expires: Tue, 20 Dec 2022 05:56:41 GMT

GET
H2 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame ED8D 53 KB
54 KB 35ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1588892
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54554
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HPoL4sw%2F6NZXdRHcbfxAtnnk%2FH3dI%2Bafrrt1mswXPTje%2F%2FJlIiGR%2FK1CckDuVV%2BZT%2BWAXNTHguguTi3r9c6iZwABEmnaRAyy4hOtqpCaWeZ4zJlSNn%2Btl4UdEGLnJk%2F9%2Fwuwz%2B8%2BC%2FNbVRQn"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c5cafa6ff8bb80-FRA
expires: Wed, 21 Dec 2022 04:56:41 GMT

GET
H2 200 3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
assets.ad4m.at/product_image/ Frame ED8D 11 KB
11 KB 25ms
17ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/3778CF797E3A529087D97C23A5BCA9FADE012AB01E21FB1929557E8BD70A789A1F44E5D867099979B17313F69D44515CF12B8C937634907539AB1C54C4F5334B
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1747014
cf-polished: qual=85, origFmt=jpeg, origSize=46259
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10888
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:09:44 GMT
server: cloudflare
etag: "b2cf554576629d98986c459034c76d1a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0ziy1QjQ%2FxG4ptuRDyyF5hYw9mp21lXqdsiJUQVcTB3mJyx0DgcGZVn0qmIsmy4AToSxgIgK2tVTnd3oPPwluE5SNzHcX8yGQgaglyoOkXVSYP6gcX95vPOGWuAZuVk1yj8U4QZP2n5SsB9"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c5cafa6ffabb80-FRA
expires: Wed, 21 Dec 2022 04:56:41 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame ED8D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CMTggZi0h_wCFYSF_Qcd7ywCRw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=viewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_N...

49 B
1 KB

83ms
22ms

Image
image/gif

88.99.63.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 88.99.63.132 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads3.sunbonet.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:56:41 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0&spid=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&partnerid=12218
date: Tue, 20 Dec 2022 04:56:41 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame ED8D 9 KB
9 KB 34ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2191097
cf-polished: origFmt=png, origSize=24833
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9258
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4QMjyUwyNw%2BAPLVeH1d8m5FyY%2Br0mjyrBhXtFeHYLvrzu99gSYtUOFtAxC1bA403WEc9wkhNjHrFxWiwLSh%2BvaQCh81LlxcWtXuRwtsbRncDCjklx716axUCE%2FTr43%2B%2BSsvEHf7pMVvN4dO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c5cafa6ffcbb80-FRA
expires: Wed, 21 Dec 2022 04:56:41 GMT

GET
H2 200 FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
assets.ad4m.at/product_image/ Frame ED8D 20 KB
20 KB 34ms
26ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/FDA524315CF1A84E9D46619FD10F0264DD2260394DD71198EE8FEC75572B31C1B960B5E4A647F88B6C04B0DBC247510EFFF5F03328E33405460FFEDC3D0CE020
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 217186
cf-polished: qual=85, origFmt=jpeg, origSize=85977
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20094
cf-bgj: imgq:85,h2pri
last-modified: Wed, 16 Nov 2022 16:32:10 GMT
server: cloudflare
etag: "115bea0885590f780802fd14548a1cde"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouJ2CVpSy2ojwzXdVu3A6LfLpXNwQ553sXArdE%2B2N%2BrTkDQcKFfhUNHzb62sYJkbc6%2FY79ZDoylk13Ohyi40HCRqRJ8QRuRxoorXlc60H%2FOa2oR0jZTgDVEdVZ%2BWTHJQQWEtfCHSkKkUUn3u"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c5cafa6ffdbb80-FRA
expires: Wed, 21 Dec 2022 04:56:41 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame ED8D
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CMXlgZi0h_wCFYeZdwodHTwF9A;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005564179666418957X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netm...

49 B
1 KB

59ms
17ms

Image
image/gif

46.4.41.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005564179666418957X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: nonstopads2.sunbonet.de
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 20 Dec 2022 04:56:41 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022122005564179666418957X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&cons=0
date: Tue, 20 Dec 2022 04:56:41 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame ED8D 16 KB
16 KB 34ms
27ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2192620
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LJ3kWjaoe4sAHcVJpaGDeQ4KiUHzz8hF73bjCZLb6VhCyJOLLIgD4MuYa340ePw1LSt6SRbyCyIJ2CjEGNB7zx6aAaELahXr4X%2FYU1z3wjW54TvUAFVInq2rgacewf4q0GEJk7gNrq%2BqZMoo"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c5cafa6fffbb80-FRA
expires: Wed, 21 Dec 2022 04:56:41 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame ED8D 222 KB
222 KB 25ms
18ms Image
image/webp 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2191574
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eePU6oG79T4GSZAtBVXq5Uc8Xa5bs3gYrLfQ8Mt0CWUvs6Pr%2BGgpGZxVv9xvlOdT0igxvI1JEG8mxczFxlVwbLiKoAMIPU2OQc7DU5A3ewqJpwSNmAQ1O2W4G94jPbft479dPhps9bo4s52G"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 77c5cafa6800bb80-FRA
expires: Wed, 21 Dec 2022 04:56:41 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame ED8D
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtVoneid__suite_Netmix_Reach43_TopRotaMonth&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1671512201_b1861030-8022-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

0
638 B

74ms
47ms

Image
text/html

2606:4700::6812:7e05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1671512201_b1861030-8022-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=192347%2C19491%2C14019&b=72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCM%2CR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7%2CD8qh3fWwhbJ6t3HmH9t1tZDAhWTmTgbtV&f=EzqfDf4EsEBxZczHAHjt6C441HqTVTzbF7%2CQpKH4fdjUWX7axH5HYt9CZZrTDT4TzPFV%2Cd9DSEfPkH43WhEHjHwtqCbXQf3T4T1rUj&c=728&d=90&e=&g=310bca33e790d4db034fa9bfe704e23c%2F15690049265862926546&i=20774%2C20773%2C21596&j=14%2C14%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach43_TopRotaMonth&r=1671512201277&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1pnny7rkh47cn3157rvygjs8nsrpq5eb64fa50rybmtt57g1rqedfe52j2tz4w6tg97t2nkqjdr1b6atfgxkdh2c1x1g1v656x2kxq42fwkpb1qxenby1bdx7fva39ysqkafp79b5sr592g2zh75zbn4kevh19nkcr20wjqqbhh45b58w400mb4smhv873qae0fe21nd56g5t1aa0xx076gaxvy3kv9td4knxt8h90pb2mg9k60ehb25kqydzvr4a59tva324gt22s10j0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCTXRCiEChY5mYItKqrASI5JyIApDhgYRctqjCivACwI23ARABIABglYKAgLgHggEXY2EtcHViLTUxMTkwMjA3MDc4MjQ0MjfIAQmpAgwSLhYHzLE-qAMBqgSnAk_QrF0wD0YKpqSqwXYda9uPodELZDjnttqZx51s9ZKSoMlsHYJG9FukbdXig6pa9TykBEHiCch2Lw5V4KBB-XMgFauUU9nw4HYecCLqW4viQRG6CvMRLIIT8BOBvjklCQddqFMrz8z_j8dKNoy8xyHcpB_buEB7ajc9m_xgp8Q2PwPsLx_How1oaKlpsUMvCsv_oDVHrDAhF_HrS06geuLAIAX5YbdaEKWbG8eOaJPD0yC7DP-o6-OkoCN0EnwanVVDwmi9Qsws1z8klywz7-Fur6WcZxGWMHCt8rMBAkqwwDI2sPn_Qv6bHWBcQNohIQ4Sy7Seab6PgwGsiG97bexTj03ypm1IlicNb7SUB79Efv3ny8ZekB-AUPsabyOkjQEgjiE8fXaABqPh6Ov57OTX9wGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1MIJ7xgRRuT7nAZDn4sItrHN6Q-Q%2526client%253Dca-pub-5119020707824427%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
via: 1.1 additional-webserver-blue-j7sk (Varnish/7.2)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
content-type: text/html; charset=UTF-8
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 185395298
cache-control: no-cache
cf-ray: 77c5cafb09666939-FRA
expires: -1

Redirect headers

Date: Tue, 20 Dec 2022 04:56:41 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1671512201_b1861030-8022-11ed-bfbc-22342ff4a6f7&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2E26 42 B
64 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAiHbb9jb5_djWRTfr1VzuZJaoaEPtpD3UAuYbQ6gjTr5rkMI2_JrWeVl7ibxgkaB4YDCy3gBlJwkfmWR5cqS5rvfQYKFu8MjIGTHU8UDH-GKJUeQtKBN6QQNcHk0W35ulmCUVzQ&sai=AMfl-YScYsKo2ZIOsCPlP815srdodVPL8glMjohrt-d4HMmTFY3F3g6FGcwCWPxwi_hDRdoEhv65S4bworbn6Ao&sig=Cg0ArKJSzLaSna2d91o5EAE&cid=CAQSGwDq26N99ts9cHQ5RDHoI9Leo6Vv_twn6F0nUhgBIBM&id=lidar2&mcvt=1001&p=0,0,280,748&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3602340273&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671512199470&rpt=861&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7527 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 20412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Dec 2022 23:16:29 GMT
expires: Tue, 19 Dec 2023 23:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4954 783 B
536 B 18ms
17ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9981fe418ecdec353f9dfbf9f2bcd8be3a4093d0cf5cde7c24ec36bda7b5a3d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vH6WXGju0js7iPmyPwWZDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://en.firstgooal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-vH6WXGju0js7iPmyPwWZDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 04:56:41 GMT
expires: Tue, 20 Dec 2022 04:56:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7527 36 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 18 Dec 2022 07:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 07:28:26 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4954 0
0 41ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=1580426415818966&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7527 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?McdNNw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Dec 2022 04:56:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D12 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj9JX6jG4Biyz6ULLf76ZkjFILQC52FYBRVbC5_GVu3G9VeaYEQnCqtttk004iI-i26oeFnuhYOvssa2PvT09YghjdSeR4wdwaNFeZHFq-p-NIcRKxT-ORDoAt0puf2aNmNW4KCovvncBDm2b7peUNvgN5AWbglEvanWkayx3E4yI5KPM2acZTi_KrbCvuOUmudtW5nWXEDx0-wbBkh_pSRPfX8zJBMXPdtNcSwpirlRiDD0t19fxNNu2Azv--X1cEUPJHYzIEmsIGRFi7NFcjuTZPQHy1ojctQ_w4uyCOq-uhKD_lvFPGXph3ZLMAaiWH9Gw6HGyL02JhVPzpTxSi1YLLuLUAwWB6vKTIbwHht_T7Ir6Zy6QznB9OqkvURQsSnfIGamspxJ1vx-M4p3fNPnC35ASUTetmLe_iTyuAj5tORXswV5LpGgu3LgfobLvHqx0AZJpjoQLTqCFpr_mkIyDGcxKPI_ftNUaItwO1oArzt3qWLjWT2jFceVBePdmCrI6jN4k_mqCzzDsqaLq8QjNxVxN0IXmPIZVhvY2mYwHIsYryF4atQOxFwB77DtZpe6x5d8yiMFQS2x2vOYZmvH1DJXb4ArNN-2nOFMNdy5yNlgt9F4zwz56CUbfTla1r2mmRyzvjzeM2_GSKwafBgaYvnsfR2jwfu-SIzua-XJYLrR7RcOmk38vTJBNkHJrLyB2cT9SBJQfhocJcgposC5C0gBUFxHFIy0yynk5245qS30ksI4WP39ta_nKnHK3yQnw-GGS6OhL0g-9biABfzIED67b7V-8FFUPNpVzJy44LWgbH3kSE4qVgFtPb8RvgGTqReXgIfMUSeFvzZoainItoak5ry5vkoC0uIekv02F09lZ7pX8cL3YzBTE9wceE8gSubd9Fn6U-B5W6-mcXLHDW3NYolZ2YIctRnyxpnKnL6jxZtRJr-p9bgOIcHcdaZdrSzC5y7Xtbq4O95TdlYrpRX_vvkpMCByj0ACKp9dAkK-veMiVu37m9eyXNq-ni6SWj0yycnBqBj_HklFLJp4H22U4KDj-fZbH3aOfrYg8n7fvQ2u9t7kYqjITl2Wve22cqWMVmav6tvyXilFsdtgvz&sai=AMfl-YROec_AHhfsxnrJ7N0WmgSJlPwf3T3HBJ4-9sECapco6at6EJTuyYt-3wlGA4HQcp0P4bUS0o6d53Y5Eyb63hELyskHO_AKN0gn&sig=Cg0ArKJSzBA1Ro1-X4WvEAE&cid=CAQSGwDq26N9pjR2Hd0L5Ni9W5p8H6jF54gPzTIdahgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,761,1000,1075,1148&tos=83,678,239,75,73&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671512200581&rpt=239&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Dec 2022 04:56:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=1580426415818966&bg=!ZmWlZSHNAAYgquz3AKo7ACkAdvg8Wiqk5Nw6Mkoh_c4Fnjq6xVnQwgqXsOq02W6nFiLnJ9x5m524zgIAAABNUgAAAANoAQeZAuLIlqp8Z0_MCtcbQIBo_ungs06FEkUzb4FFVT-QwyDYZbgtL4xXjEs4mb4KfGdcpt6edLjRCTTl8IxCeS_AAzZdje1at0UpmgW31thiIobhEc3OzZm3CusAuzq794Swoq9_tSMxHcK-goYLea58JJN3XbM1qu5TDkBg6c7Lhv7v3GjnHLIdA0uDWCUzM-5i1Y5wvkNl9hcyzS2niGwXAdCHOEEp2zb1T1WCf2ol-jR3b_Xh6ItzIvm6JrBeAwmBwioyDTL2mEMJfeF2Tfu-CRrwxyY6jV9QKDO9pVq_1feaB5Sl_gWnjoXpGtR-rTuu1BDOiYq3qCmXa-3y6YlPyT0pPbmxsB2FyXwadNLA4GOGL86etLtqWGvOPgY_Udb1ttlxAyltZtzqdoXag6wh4JPvsfFRKXDFs0fe-qzw71exPZnj7gorERbbr1Mb7Rs7i_OzcPpuE43AXmvo-hAn0zp4e8wjfU-H-CBEUSvu2IRXIoAXiaGjuqHBvstIxHapYxkgUjGR7wmNzXWfLoKR65Z-CgEbxYkBppeISwe5fmV4N4vvwxtTLyrbpwi7jkwzCFBD7548TofjLVdF5t0GrmZgH86Vg2qWnF1ut4iZ8gQE5oRFbU3Gx7oaRVFZzBIQVLivGRHbrisM8RBFoZkdljiNPb9OsVZJ7qPr3DXUX_0yZhAaJNEtGa9Ssk6lthmRMHkj2hHnaxv8T3mYYH9gsrx_D9UfrhU82Nw8puRfdKmSIdp4WsyfUsuosBKyHPvfhHImbPx_taZxJwn1fdaaCS54O6JJnfDQR1BauTJnGRZW1F1daLDpTMlcYk8MfYib7XHkbiio510shmvNdzHPgdSWN2f8OkXhKLTakiY-chaKTsciSVsOY4dEKcwt4ivh1zzOnIiiEaV-R-crbxpPcGpS5z-jziJ2LsaOATs-ZcFWffmUEEQquAaUEi-8Rr2t94P9Am752Sx1G2fP-bMH9KzhDoo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.firstgooal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 17:48:18	Name: __Secure-ENID Value: 9.SE=kOW3RuF5QC9z5-8NGBeWZmeM9EpRMKCTKHgsg-zQBondInZbI5h7j6Phq61Ai46zAZlZmxO4APqF9hdojIdcwJDLfJa3e_7wO2uWhq1gsZltOCnGZMM14n9nrzIgUe3QYhy6-l5pdhLJHsKk0HsgJa75rI9yIcsIw3C_LGGCPV8
.google.com/	1970-01-20 17:54:32	Name: CONSENT Value: PENDING+890
en.firstgooal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 962981c8600389ef25e88a542d583fd8
en.firstgooal.com/	1970-01-20 08:21:24	Name: qa_key Value: 6vh06qb9iy1dopual1lig5e5d8d1ylvh
.firstgooal.com/	1970-01-20 17:40:08	Name: __gads Value: ID=9b3a3e9d3ee1a715-22966f412fda00a6:T=1671512199:RT=1671512199:S=ALNI_MYkRV7qcrLN0KIpCzx16LYXnfz_FQ
.firstgooal.com/	1970-01-20 17:40:08	Name: __gpi Value: UID=00000b9564a08187:T=1671512199:RT=1671512199:S=ALNI_MaguXuVhQsI51f9Y8ig-QHIX0voYQ
.firstgooal.com/	1970-01-20 17:54:32	Name: _ga Value: GA1.2.1165645210.1671512199
.firstgooal.com/	1970-01-20 08:19:58	Name: _gid Value: GA1.2.700983501.1671512200
.firstgooal.com/	1970-01-20 08:18:32	Name: _gat_gtag_UA_62733008_15 Value: 1
.doubleclick.net/	1970-01-20 17:40:08	Name: IDE Value: AHWqTUnvMW0v3-IyWZBJEkLbLu35vdwVeifjKJt_6kN9wia_vne7S3wbRZs9shI6Yxg
.doubleclick.net/	1970-01-20 08:18:33	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 08:18:35	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 10:28:08	Name: d Value: EFIBCQHtJ4EA
.quantserve.com/	1970-01-20 17:48:46	Name: mc Value: 63a14089-1bb33-79979-1552c
.mathtag.com/	1970-01-20 17:44:27	Name: uuid Value: ca4563a1-4089-4a00-9326-841ae01613d0
.mathtag.com/	1970-01-20 09:01:44	Name: mt_mop Value: 4:1671512201
.yahoo.com/	1970-01-20 17:04:29	Name: A3 Value: d=AQABBIlAoWMCEIEUWr2HOf-oQFaqIHCM2w0FEgEBAQGSomOrYwAAAAAA_eMAAA&S=AQAAAn9W-wXTX_fV685Vsh7ZkGQ
.turn.com/	1970-01-20 12:37:44	Name: uid Value: 3976970417377995435
.360yield.com/	1970-01-20 10:28:08	Name: tuuid Value: 8eb846d9-1ff0-44ce-be10-e099ee326483
.360yield.com/	1970-01-20 10:28:08	Name: tuuid_lu Value: 1671512201
.awin1.com/	1970-01-20 08:22:51	Name: awpv11354 Value: 412871\|1671512201\|b1861030-8022-11ed-bfbc-22342ff4a6f7
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377129:2470185
www.conrad.de/	1970-01-20 08:25:44	Name: HTLP_timestamp Value: 1671512201
www.conrad.de/	1970-01-20 08:25:44	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 08:18:34	Name: __cf_bm Value: 2GCMJ9q8BQyJEDAM_22wv8c4O.f89ZhBHkaWPPUHwY8-1671512201-0-AfcP0rqRb6ptK/y2y69HvOY2zx+uNjcxKqbD+b23FgiaxHhoEDi2E4h1dScXRAnRR/ASCfRowxd26WqLiZ4t09M=
.blau.de/	1970-01-20 08:28:37	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI3MDAwMDAwMDA2MTY3MTUxMjIwMXZsZWExZGUyMDIyMTIyMDA1NTY0MTc5NjY2NDE4OTU3WDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWRSNVhmZ2Y2UUZYMjdUa0h3SDN0UXRkZEFGd1R6VDdnczdvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoNDNfVG9wUm90YU1vbnRoMTEzNzUy
.blau.de/	1970-01-20 08:28:37	Name: nscQ486 Value: V
.blau.de/	1970-01-20 08:28:37	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022122005564179666418957X113752V1225131106MSviewoneidR5Xfgf6QFX27TkHwH3tQtddAFwTzT7gs7oneid__suite_Netmix_Reach43_TopRotaMonth&wfid=113752
.o2online.de/	1970-01-20 08:28:37	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTUxMjIwMXZsZWExZGUyMDIyMTIyMDA1NTY0MTc5NjY2NDE4OTUzWDExNzcwM1YxMjI2MTMyNzAyTVN2aWV3b25laWQ3MnhjcWZnekhqWG1ydXJIWEhndEF0VlZlZkdUMVRNSkNNb25laWRfX3N1aXRlX05ldG1peF9SZWFjaDQzX1RvcFJvdGFNb250aDExNzcwMw
.o2online.de/	1970-01-20 08:28:37	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 08:28:37	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2022122005564179666418953X117703V1226132702MSviewoneid72xcqfgzHjXmrurHXHgtAtVVefGT1TMJCMoneid__suite_Netmix_Reach43_TopRotaMonth&wfid=117703&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTI4MDAwMDAwMDA2MTY3MTUxMjIwMXZsZWExZGUyMDIyMTIyMDA1NTY0MTc5NjY2NDE4OTUzWDExNzcwM1YxMjI2MTMyNzAyT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.turn.com
ad4m.at
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
bit-ly.mobi
cm.g.doubleclick.net
cms.quantserve.com
en.firstgooal.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.360yield.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
r.turn.com
ssbsync.smartadserver.com
static-de.ad4mat.net
sync.mathtag.com
tpc.googlesyndication.com
www.awin1.com
www.cepba.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.lead-alliance.net
www.telefonica-partner.de
142.11.214.173
142.250.186.66
172.217.18.6
184.24.12.207
185.29.132.241
185.86.137.108
200.68.105.151
2001:678:cb4:bbbb::11
2600:1901:0:76b9::
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::ac43:4a81
2606:4700::6812:7e05
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a05:d018:d29:3605:34b4:e687:cbf8:5ec7
2a06:98c1:3120::3
46.4.41.145
51.89.9.251
63.33.20.36
84.200.5.215
88.99.63.132
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd7589fdfb2e5e2270125b6f55d48c05e92480c68ebdc6851990a57e41e1f15
0f3c69a00257cbd9c7189286843ba03ba5febbf57fe11dca020326fc25762be1
0f487a8e2eb60caa6603feadd7fc7457f3c2cdd4f4a44ace6fe01113795c08e8
0fc6327e965679b41a818cf88fdaf0b16e586c0ac03bc72d49c4f47e2ed02336
143daad80da8fd7212166e55b02db27e12112bc0cc53bc29fccb8bb4e9f13db7
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e9556a8754dd91d36960cd93a25ec953ce7e4f4f0c2b09fb53b847409ca99d
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
247a43d8ce2bbc38b8df7dcaf65afbec014dbac1b6217fc4c2aac36ecd8e6ea9
29aba457c277278516480abb675c844f12e33896e08eafb34e06695ebeeef761
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
52208c2b1ba7375b1f96157575b2bf2239e088ed7bcc933775f0c687fcab4863
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65f642d667248f7bbff678b8bdea6f755ddbcd4c1e492e7d6a60c25474f84c52
6b094a140ea1c9e6edece62a54ab0d4fb5a600ba71495dc8835a12621e49204e
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
735b3be23232701a18d29f7f71b6a4438d0ce347329596ff4493693409d80d43
78ab873cd0de5bd4c8a2b6a87d85b95a047eed79c6d5a15366aa08014281fb28
824de40e353f2eaaf4828f927a03331984b995bf7fc59edc4ff08f9e178822db
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8be9473e05b07647a8d0418abe9e30527781bf152097433e9ba86b7fa9652815
9624c9f30634be84a224d007e5df178a51107bff3e456e2a90b504cbf350d190
981792df4c11fb32fea9720db6c7c82dd96da4247fd29ff170b53903e116eecc
9981fe418ecdec353f9dfbf9f2bcd8be3a4093d0cf5cde7c24ec36bda7b5a3d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a367f9cf3571ed5286dde52201aa83d0358491ecc24efd875369dabb2241982b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c80048fca18cc45f6c0749133c56392fa296253e0797f1b6cb5748eb15487e
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a90c4dd552003071e2c21de0a1d160a689f6f057423b3db8d601b285bdc2c96d
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c
a983ec1308781984ea4503dd1c4e1317b2b48dcb17dd1a6e68df68560951784b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4ef3a11367a47a75f7cb4ed6e944472d190c86813cd2ffdb04a32358dc4e799
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b813b0dc2bc80e9bfd7a8e0c604ae81d21e375e3a01f6e183804f9d3e97f0f17
ba9c6b6fc81aa86219088472877d00f9400e588b924a8af157cc4580abdd4a32
bc1911cb5784c8f52e1d4625bf827e07359236eb5d87b1d921efb9a29c5a7b35
c104ec098bbe63627860a2d0144e9864c4db095e1e4f1e9f38119affa80bc39c
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d
c869eee7c2ce2a353b56673701ed011a859566a2a683127c340131b69fd1268b
ccc415761dc5487c6d953e1ff0de4904b7bca42512371811d84e712253628f97
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405
dd647e25ca1d7387ca88482d32b6526cb86f32b2bcee22f74e900f0dc5f8941d
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb39b6e853399ccb8cd2af2b6c43232e2fc840b466f18c18be533ff00e77989b
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d
ec87b51d7f7c3a8984b9a740be243c15a44d3cec1f2c6c081fcc06d69bee6560
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63ba732f86b82e5cd73a7bb3a8584dfaabd9d59d0210aed84a1c58fca9d4a7b
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8b377f321625f6cdf3dc40980398c8d5ae8010100b9e5829abf92734eab3847
fc33b45263293ec5eabd643002366df8d5df896aeb804f7eafb339edf67c58f1

en.firstgooal.com Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

94 %HTTPS

64 %IPv6

28 Domains

37 Subdomains

28 IPs

6 Countries

1778 kBTransfer

4129 kBSize

31 Cookies

2 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

en.firstgooal.com Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

94 %
HTTPS

64 %
IPv6

28
Domains

37
Subdomains

28
IPs

6
Countries

1778 kB
Transfer

4129 kB
Size

31
Cookies

141 HTTP transactions
9 data transactions