www.firmasec.com Open in urlscan Pro
2606:4700:3033::6815:1d6d  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://firmasec.com/ HTTP 301
   https://www.firmasec.com/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

• https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2062093466&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Firma%20se%C3%A7%20%2F%20firmasec.com&utmhid=1137137166&utmr=-&utmp=%2F&utmht=1682047571771&utmac=UA-54841386-1&utmcc=__utma%3D13758880.1099387567.1682047572.1682047572.1682047572.1%3B%2B__utmz%3D13758880.1682047572.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1953217776&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
• https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466 HTTP 302
• https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466 HTTP 302
• https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466&slf_rd=1&random=1875784171

Request Chain 45

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODo3u__mQEQsAkYsAkyCK19gLJhZIVR HTTP 301
• https://tpc.googlesyndication.com/simgad/10320518866760817365

Request Chain 122

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1&google_push=Aer7DvIBaNx-0P2XjBnWmZ_ap4TnfSVr4I7O2OCdm9az9Ll7uFLjlzRaq4bw362iCEqD2iH0afF4EIdua1Nwg6DUAZYq86DgpdrRqQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMxMDE4MTg1MzM4OTYyMjkzMA==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1

Request Chain 125

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENKAnJrIUb4zINNrTge7FIY&google_cver=1&google_push=Aer7DvIvf3-y7-0m7yUoZa-8F-xBp6toK__T3R2cZVAfsK5UifAYVu-sjMD4h4P5XQrgsCq5lgL_z6fehhZpakzcqNmHwLJizAZD4Jc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIvf3-y7-0m7yUoZa-8F-xBp6toK__T3R2cZVAfsK5UifAYVu-sjMD4h4P5XQrgsCq5lgL_z6fehhZpakzcqNmHwLJizAZD4Jc&google_hm=hghBJctSRfWoLm9rfWhSUrg

Request Chain 126

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEBkmyt90Lmu51vnm-YeF_0k&google_cver=1&google_push=Aer7DvJHQFAuKQ_MJflIGFsZZSCtRr7odj_MgLJNj0CjD-lCGbj0KUSVDnX67u8u2yo_FZqZmZK5wtLZuKfFGTEAhX7G9ULGyg6TQR0 HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MbsUoHWXQNSZrNwlBowLog2&google_push=Aer7DvJHQFAuKQ_MJflIGFsZZSCtRr7odj_MgLJNj0CjD-lCGbj0KUSVDnX67u8u2yo_FZqZmZK5wtLZuKfFGTEAhX7G9ULGyg6TQR0

Request Chain 127

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMSVjRYRdw2HpUYk0nJRaJc&google_cver=1&google_push=Aer7DvJeAgkqlO470DbVTgGivR2B3rkMdJR58QGA-0eTKP1x4CczYs6e1A0GwY43oQ-LOqI1-lZouaMEEknhOhAEZN6aPbk3ajTmjnQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJeAgkqlO470DbVTgGivR2B3rkMdJR58QGA-0eTKP1x4CczYs6e1A0GwY43oQ-LOqI1-lZouaMEEknhOhAEZN6aPbk3ajTmjnQ&google_hm=eS1WZzBkeWtGRTJwSG4xYzR4R0daRjhSb3U4TlE5bEhMZ35B

Request Chain 128

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEII_BES9OGHkJYyVJ-B81t8&google_cver=1&google_push=Aer7DvLXC5rZ9v8mSGzoYuLQ9XLTnxIhMS1aSKeRRvLmlA1OagRbouPomITotx7DnSthuTz6o1cImbeEF-dpylO9HDEitop1c2qMd3o HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQWlAyTlMtMTctNEZOOQ==&google_push=Aer7DvLXC5rZ9v8mSGzoYuLQ9XLTnxIhMS1aSKeRRvLmlA1OagRbouPomITotx7DnSthuTz6o1cImbeEF-dpylO9HDEitop1c2qMd3o

Request Chain 142

• https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1&google_push=Aer7DvJ7G0K2Qibbox6M5UnRlT1TKxeL4kqokjX_HjOlEkHERxbHI9jhvmATIqlF3UJnu9pQgE0CNjnhAHMnJpkZ8urtbHSjpPxsTC8 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzIzODEyNDI1OTM1MTY5NDk5NA==&gdpr=&gdpr_consent= HTTP 302
• https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1

Request Chain 144

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvIgLxL0RFZ8psI-PpNzW5Aa0hCguvUb9YTKVy10P2VTbSGbHNkU0KLR3oNpnaP-qDuOiduQPBbbPcAb3MG5w7PKKGUIcAWnG1w HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvIgLxL0RFZ8psI-PpNzW5Aa0hCguvUb9YTKVy10P2VTbSGbHNkU0KLR3oNpnaP-qDuOiduQPBbbPcAb3MG5w7PKKGUIcAWnG1w HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvIgLxL0RFZ8psI-PpNzW5Aa0hCguvUb9YTKVy10P2VTbSGbHNkU0KLR3oNpnaP-qDuOiduQPBbbPcAb3MG5w7PKKGUIcAWnG1w

Request Chain 145

• https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPT3FUf0K1WBmfzjmB8elno&google_cver=1&google_push=Aer7DvJM7_6FPgo2gNwxJ-t8q2mDj64VKCmt6ms09v102-7cvCUTsdUGav8-yuREq5SAcIOahcvg7Jg1bNxa_9SmA75ioQS9Lep8MA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJM7_6FPgo2gNwxJ-t8q2mDj64VKCmt6ms09v102-7cvCUTsdUGav8-yuREq5SAcIOahcvg7Jg1bNxa_9SmA75ioQS9Lep8MA

Request Chain 146

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENKAnJrIUb4zINNrTge7FIY&google_cver=1&google_push=Aer7DvLN7S6VaYQkJSsjxDjN7Qta1J0UfowJZgoye3xctpOUbFUOg-RVxGcA2umbBnTRcSl4UYyYckSxWYij7dMKgmB2pvFvojJ9Ow HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLN7S6VaYQkJSsjxDjN7Qta1J0UfowJZgoye3xctpOUbFUOg-RVxGcA2umbBnTRcSl4UYyYckSxWYij7dMKgmB2pvFvojJ9Ow&google_hm=e0GHkbAbTcSMM82JEmyS77g

Request Chain 147

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEBkmyt90Lmu51vnm-YeF_0k&google_cver=1&google_push=Aer7DvICfEAFKht2cSLazgHsozDQWfP5x02jciS2aX8dYt7y2G0HcruXvUNGh8l0RVO5xsVnlqrp_gokmyMk9G-dNc2MUjUllF7VKg HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvICfEAFKht2cSLazgHsozDQWfP5x02jciS2aX8dYt7y2G0HcruXvUNGh8l0RVO5xsVnlqrp_gokmyMk9G-dNc2MUjUllF7VKg

Request Chain 148

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMSVjRYRdw2HpUYk0nJRaJc&google_cver=1&google_push=Aer7DvKNBD8lhVSszs5PPrmpc-ojC-DPAE5z2Ww94RXR8Pcbw8e7P4TAz2ENCUZJHszPAoWnXj4B2jgF-E-HdRYSEeMvSnR2bIb8oFI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKNBD8lhVSszs5PPrmpc-ojC-DPAE5z2Ww94RXR8Pcbw8e7P4TAz2ENCUZJHszPAoWnXj4B2jgF-E-HdRYSEeMvSnR2bIb8oFI&google_hm=eS1ianVYZXBkRTJwRkF3b1AwVHBRRDA3Vzd0RU1aQ0pic35B

Request Chain 151

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 157

• https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMoo38pA2OeZMcmq9luMOlU&google_cver=1&google_push=Aer7DvKm4wioeZAhjM5zHyJb3zgeCk4PeZ64kxuUxRSnfzdGirIFDzoOPXFGe99XrmlTm0DLb3nd3vgCUZgmvLp-MFXT217xn1-f_tHb HTTP 302
• https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvKm4wioeZAhjM5zHyJb3zgeCk4PeZ64kxuUxRSnfzdGirIFDzoOPXFGe99XrmlTm0DLb3nd3vgCUZgmvLp-MFXT217xn1-f_tHb&google_hm=4JzQBsXK8J3ka_PNxXc-HQ

Request Chain 158

• https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvLpv5lSqzaRS52HFvFvWghEwrgK4cpVMX0oQWFz6_kl5oHOIF63Nzh__-33CkSpStG8eWRRAOWUPJsHEAWpyeRcjWwh26THQA8l HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvLpv5lSqzaRS52HFvFvWghEwrgK4cpVMX0oQWFz6_kl5oHOIF63Nzh__-33CkSpStG8eWRRAOWUPJsHEAWpyeRcjWwh26THQA8l

Request Chain 159

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 160

• https://um.simpli.fi/gp_match?google_gid=CAESEIVXjygQykzLCxLIMlixFDA&google_cver=1&google_push=Aer7DvJNG-C46HlbTX4jfz43vIzJvNnVKyiUQmwq87lp65WfWFN6U-jm1fIObvw_GUbdd9DpGaXYKAmB4MkV9wRCaUfmQ0N5ql8Hs_AE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8A6729D71D54AA5B43C82E54A4C02E9&google_push=Aer7DvJNG-C46HlbTX4jfz43vIzJvNnVKyiUQmwq87lp65WfWFN6U-jm1fIObvw_GUbdd9DpGaXYKAmB4MkV9wRCaUfmQ0N5ql8Hs_AE

Request Chain 161

• https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENKAnJrIUb4zINNrTge7FIY&google_cver=1&google_push=Aer7DvL3vcy-3BjKh088t5uGj8N9Vz1Qp6264uHY_VVq5GvC18pub5v32_eAgqTRc-WmCpzGuLA6qaGOP97zrWNbBoPWXiWyJuh5t32u HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvL3vcy-3BjKh088t5uGj8N9Vz1Qp6264uHY_VVq5GvC18pub5v32_eAgqTRc-WmCpzGuLA6qaGOP97zrWNbBoPWXiWyJuh5t32u&google_hm=e0GHkbAbTcSMM82JEmyS77g

Request Chain 162

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfStaDb5qGYp87abWYndcViyMWlSCO4c HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfStaDb5qGYp87abWYndcViyMWlSCO4c HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3ODg5NzcwNzMyMjI0MzU5OQ&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfStaDb5qGYp87abWYndcViyMWlSCO4c

Request Chain 163

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_cver=1&google_push=Aer7DvJ-joo1FEn4IF-T3pf3iWKDr3-BQTrfTHChYW8xHmY56w2cBmK8uoSllzyuUTeN0QdJtuq8GLJQKssJMJmi85u0Df4zuRjLPUhq HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_push=Aer7DvJ-joo1FEn4IF-T3pf3iWKDr3-BQTrfTHChYW8xHmY56w2cBmK8uoSllzyuUTeN0QdJtuq8GLJQKssJMJmi85u0Df4zuRjLPUhq&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_hm=ZEICVtBPdtU5EneKbn-26wAADRQAAAAB&google_nid=index&google_push=Aer7DvJ-joo1FEn4IF-T3pf3iWKDr3-BQTrfTHChYW8xHmY56w2cBmK8uoSllzyuUTeN0QdJtuq8GLJQKssJMJmi85u0Df4zuRjLPUhq

Request Chain 165

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

• https://redirector.gvt1.com/videoplayback?id=88fe82f39e55ed14&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1682054772&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=4ADE0CCB7D94660444CEEC55A88694B6EDF429B3.25AE943D79AC6B6B4476FB9E6EB661AB7ADFA4C6&key=ck2 HTTP 302
• https://r5---sn-5hnednss.gvt1.com/videoplayback?id=88fe82f39e55ed14&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682054772&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4B3A1A7D817253D8594660FDD0B4F2BFD5ABC510.46CF2B1D75E6EA9700E1EB2E85044870CF078288&key=cms1&cms_redirect=yes&mh=Io&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hnednss&ms=nvh&mt=1682047176&mv=u&mvi=5&pl=48

Request Chain 171

• https://a.tribalfusion.com/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
• https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 173

• https://ads.travelaudience.com/google_pixel?google_gid=CAESEBkmyt90Lmu51vnm-YeF_0k&google_cver=1&google_push=Aer7DvIzM3Y_uJEBQiNRlR6JJffcxGHBtbmtJXJGjxoP-O1NCbQUAkRrEplYHxSdhKZmrbrqJkXNFT4n6_1B7FL6g9CkWXhZkFKIkq3L HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvIzM3Y_uJEBQiNRlR6JJffcxGHBtbmtJXJGjxoP-O1NCbQUAkRrEplYHxSdhKZmrbrqJkXNFT4n6_1B7FL6g9CkWXhZkFKIkq3L

Request Chain 174

• https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBXggUtJR39w4-QwYcZR6Zk&google_cver=1&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK43K2L1TTtm3fOvZycHa HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBXggUtJR39w4-QwYcZR6Zk&google_cver=1&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK43K2L1TTtm3fOvZycHa HTTP 302
• https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
• https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
• https://x.bidswitch.net/sync?dsp_id=59&user_id=d8eca6d5-f81e-449b-8b2b-d6241a679b53&ssp=google HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK43K2L1TTtm3fOvZycHa&google_hm=D5oYvtpSRXKeX6u2OxOGCA==

Request Chain 175

• https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMSVjRYRdw2HpUYk0nJRaJc&google_cver=1&google_push=Aer7DvIOHIcecjXOyEM0eAsSEvGx7XIM7zij3BBI7Q8f2VxzkpLMPdKXbWTjX7xQ7CeqT77NN6zgVYYS0jCIEVa_pNyZLLSNIXXR994k HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIOHIcecjXOyEM0eAsSEvGx7XIM7zij3BBI7Q8f2VxzkpLMPdKXbWTjX7xQ7CeqT77NN6zgVYYS0jCIEVa_pNyZLLSNIXXR994k&google_hm=eS1ianVYZXBkRTJwRkF3b1AwVHBRRDA3Vzd0RU1aQ0pic35B

Request Chain 176

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggGJaJhC1rg2phQYxFdcMaKgXiPa-CjG HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggGJaJhC1rg2phQYxFdcMaKgXiPa-CjG HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNjM1ODA0NjcxMDI1MzI4OQ&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggGJaJhC1rg2phQYxFdcMaKgXiPa-CjG

Request Chain 177

• https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM151-fCxEFoWRKdfA2_dOA&google_cver=1&google_push=Aer7DvLkEz1uMtwjuUYAMcE_T9KMiYKAfRp1g2I5aCNOOVeZRHZ6EagiOH-P0dIJ4-R8r3_LDgbCVJ9NiZjOQS8ZZJEoRDBff_8cPRpUuQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLkEz1uMtwjuUYAMcE_T9KMiYKAfRp1g2I5aCNOOVeZRHZ6EagiOH-P0dIJ4-R8r3_LDgbCVJ9NiZjOQS8ZZJEoRDBff_8cPRpUuQ HTTP 302
• https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 190

• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNH148GDuv4CFQ2FgwcdiQIECA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dmm_SUBIDTEST_view HTTP 302
• https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
• https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view HTTP 302
• https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042105261584133024565X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023042105261584133024565X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218

Request Chain 196

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=498AC3FD68064DC99807D93859A97EDF&RedC=c.clarity.ms&MXFR=3BF39F6A1EB269FD3AAB8D901AB26719 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=498AC3FD68064DC99807D93859A97EDF&MUID=24FE074FBFA96ADE033315B5BEC26B4B

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
9 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.firmasec.com/ Redirect Chain https://firmasec.com/ https://www.firmasec.com/	131 KB 16 KB	235ms 216ms	Document text/html	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5953627540cfb9f7ecc6e58c53810c0800cb43591e57316d9fba5d7e2928736d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control no-cache, private cf-cache-status DYNAMIC cf-ray 7bb286278f6f901f-FRA content-encoding br content-type text/html; charset=UTF-8 date Fri, 21 Apr 2023 03:26:11 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQjE4HoYobQFQ8K5jaK57jNNPleFv52oc8GBSpAiqLBFulzt50sE%2B1PiqGdKCVe4KPMjP6MmvVEqCH5tqdPMFW9CzpO10jvZfCU%2Fy1S%2BX4WDNCD6UyQXWS%2Bx4OJ8TF4rgvSKVzDDsxmpv%2Bc1LMcW"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers cf-cache-status DYNAMIC cf-ray 7bb286273f3e901f-FRA content-type text/html date Fri, 21 Apr 2023 03:26:11 GMT location https://www.firmasec.com/ nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhPB2tE6wlNY0ToRr2OhgMex%2FNalc%2BtLe9%2Bs%2B6TSvVQFh4OprMbjj76Bc0Cn25GW7FSzAGMOGLOCAA6UKIiSA1whJ7geznPcuNAy1Fr4YMO86uBqRJboxIiJYyE1qEofxnhnsqPHQMqnn4o%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	logo.png www.firmasec.com/assets/img/	11 KB 12 KB	20ms 19ms	Image image/png	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firmasec.com/assets/img/logo.png Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0fdeb84a665652d068eead6224d1ab22d3faf0653688456e79b6059198c49f26 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT cf-cache-status HIT last-modified Thu, 04 Feb 2021 00:45:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 39299 etag "601b43c2-2db9" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2Ii6ls2%2FvRMGSwwabJMqtwCg0GCDFsErdafjRK75Acohjpv1GYa%2FIYHzQgXOaoZ1fvhCl9NxFDJVsY4j3SNSR2zLQWyJF0bQZFSse%2F%2Bsh6CGuuOINY55ZoYUJMRBYw9kYL32Tqv9sVMLzbUZayx"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7bb286291834901f-FRA content-length 11705 expires Sat, 20 May 2023 16:31:12 GMT
GET H2	200	logo-icon.png www.firmasec.com/assets/img/	10 KB 10 KB	21ms 21ms	Image image/png	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.firmasec.com/assets/img/logo-icon.png Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aea37a3c0fc392d4f0f76a43d5d880c6844be27863d19278649194cdc059ba8c Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT cf-cache-status HIT last-modified Thu, 18 Feb 2021 13:24:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 39299 etag "602e6a99-26b3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4PAcvV6JmB1zFSEmxIji7nGfUJFY5jE46%2FrA0WpFXJ8oTrptAIsUFxTJ%2BXW5LxvQkFN0yvJJ00iDCss7Ravwlzm%2FlzFot%2BeODmnzqsQSwkizC8S6UIm1e49SVI%2Bok8v3EFGN88dCE708wyMQoLT"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=2592000 accept-ranges bytes cf-ray 7bb286291835901f-FRA content-length 9907 expires Sat, 20 May 2023 16:31:12 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	138 KB 47 KB	181ms 84ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7403327254807716 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1362e02b8708271f208b418b0068caeb1a170127b72602c07912b21d2d1ac1ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 47977 x-xss-protection 0 server cafe etag 12837548921461858413 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 21 Apr 2023 03:26:11 GMT
GET H2	200	jquery-3.6.0.min.js Show response www.firmasec.com/web/scripts/	87 KB 32 KB	40ms 38ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/jquery-3.6.0.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-15d9d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7h6dspYXRGrf%2BGPU2psYlH%2F1B6O0GjWHU1Y%2FcpBEctbqN0S%2FgOhDIAUXk9k8JuQ3jx4%2FZxOt7dpAzT1xIvm1QtALEJk%2F1zj1TD5dbCu%2Fz3J7T5DkFvApuchrdi7iiddKLcaL6w83yotoUZhysLYz"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7bb286292840901f-FRA
GET H2	200	jquery-migrate-3.3.2.min.js Show response www.firmasec.com/web/scripts/	11 KB 4 KB	24ms 24ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/jquery-migrate-3.3.2.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status HIT last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 18274 etag W/"624a0df9-2bd8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnbrBtzQ2ZnjLNfw1nif5lRffFaIHLlP9HHzjogQPKL27suQeoP82KzQiHc39UBUNEK2NmSS88LXLE9ZahSHzO8n6zUAMTZJbogElNRFFy6x9A7zopIY1VAwLz6DDbq%2FClmmn885E263n0D6HkSH"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7bb28629586b901f-FRA
GET H2	200	mmenu.min.js Show response www.firmasec.com/web/scripts/	68 KB 18 KB	34ms 34ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/mmenu.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3050220f89c0af76302e29a8770bc745f1976ce361d436befd3cb9e5d1e4a913 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-111a0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6oNOVplkCgE%2Fw5B3q%2BhdavFqWTUbSZOz5R72G97DapuJpOWdnGSOJCNS8nklIo2nW4jJsLVpmPw3oE6xySKLYLx247Q6PcsX%2FXPy98l3BKfK8DskUy6yFtLfD1aXq4OfaVyS%2FBBS3cRS%2FfPANzYY"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7bb28629686f901f-FRA
GET H2	200	chosen.min.js Show response www.firmasec.com/web/scripts/	27 KB 7 KB	33ms 33ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/chosen.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5f357aa086fb2680b9a87e725d9ac476d9c52fd1cdc64819bb4c79ac32139c4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-6afc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FR%2FzY%2BTT2xYxBpbifEOfN4FBiW2DxU%2B2D2c5AzwLKJxv3wHbNBn0hEuqttJIKMPu3Oyz8CJnrS0IUN%2BwM9Jy5it%2FvMewamijdPB%2BWMnW%2Fb1EyOAX6ED4Scl621WVVchjm%2BK8WBbNDOxovOlR9fyo"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7bb286297877901f-FRA
GET H2	200	rangeslider.min.js Show response www.firmasec.com/web/scripts/	8 KB 3 KB	32ms 32ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/rangeslider.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7b85a02b04b5b57387fca1e766d3478accf8b14142f11cd2665fdd80c890f773 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-1fe8" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGXIPHx7dreB70rl6QnlvbZpjku0P2y1SPf%2Bm4oITQmY9AovoaTLDQvPGoC7xSMxmpdUexU6ZxC5USPvF0ksrkzWUnnx%2FXjssbanyaA8MQfH%2FMorto227%2FLh4UXUUBVOLsF3ct5JFXxhvNGHelEB"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7bb28629787c901f-FRA expires Sun, 21 May 2023 03:26:11 GMT
GET H2	200	magnific-popup.min.js Show response www.firmasec.com/web/scripts/	21 KB 8 KB	36ms 34ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/magnific-popup.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3aa67b3decc478877d0c95a55dd2a4520004d1c52a2cb3234257f939220eb8b Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-5290" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT87KTqHpRguxGDigTjwh61rDqannO%2BzKEBlbNGZbaCG0AtAm8HGbjUbYK4wFrmT6%2B6p%2BDnGefClzUxvvSMO4BjrYu7JtwrQGQ90c2GuIyUk2UM1C0gJxgIZlE1F90ZWPGGFmO4Z8L4iTBfSf31W"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7bb286298882901f-FRA expires Sun, 21 May 2023 03:26:11 GMT
GET H2	200	tooltips.min.js Show response www.firmasec.com/web/scripts/	5 KB 2 KB	34ms 32ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/tooltips.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a1f0064fbfc6ae12830f80f5f0ad799b88bda2104f21c772ca46165612793483 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-1481" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BOhb1sX2J9PIXWVe68GbcZ7U%2BSRvj3%2B3rxt4odKkCSnHCRQfIN423mCVKHGlinyKit0Ta1t4hRtpL%2B%2FcAHBeLVzwRFIFLutY7HEOFfAYqb4kpTl4pLULMXsOgHQ8NrC3Etr4%2F6t6OkTkYBDyu9ac"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7bb286298884901f-FRA
GET H2	200	slick.min.js Show response www.firmasec.com/web/scripts/	41 KB 11 KB	36ms 36ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/slick.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-a3e1" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddhRr9CPiGofaA28i5GHUjlMpyGxd2OtEhfwNXoj8WMr98SpcgZB8vSCYDOEY9LukKH%2FY4LCqNLbsDnG0sqybeSmCsA%2BxDuVLKIH3aXYqrNlFbE2fxryaoPH8Wxu9Knq2WF%2BN2IK%2F5gbObohhOSA"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7bb28629888a901f-FRA
GET H2	200	custom.js Show response www.firmasec.com/web/scripts/	36 KB 9 KB	29ms 29ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/custom.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8481ef93e49a2231b9f58f9c30edce8e4371e568b26c1f1c4948512bb8f6dc4c Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 05 Apr 2022 02:37:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624bab4c-8f1d" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qj%2FxVmptIaKh%2B0DrWmfmrVJLZU9n18Xsy%2BGc314ANF7VLHlqLYzX5NZHfLBm%2Bgv6%2B9IY0ZxYPzC2c5742ww8s7tiJsEjUXo1g9L7zfEQp550c2MAlZ%2BUgBLrsI2KxQHUKlzBy96ymf8Pa%2B1WpO5J"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7bb286299895901f-FRA expires Sun, 21 May 2023 03:26:11 GMT
GET H2	200	leaflet.min.js Show response www.firmasec.com/web/scripts/	139 KB 42 KB	44ms 42ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/leaflet.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c40c27fc5759fbd9e3679e697c481ded760fd6299b7449ac8a41820ad7af5563 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-22a09" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQB42lyyGuEzHejSA9MNHzQ4eLRPHoDqICpVTtJnDMo%2FC5XGFdYDIj8PA%2BqP%2F4ds7XI57iEYj2%2FDH1vM8MGi8940%2B6jIi39%2FSSZZyUVHxOzqDtpjKu%2B5bx0PtJdCq2SCid6%2B5hLYv5Fev%2FPTk7iw"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7bb286292845901f-FRA expires Sun, 21 May 2023 03:26:11 GMT
GET H2	200	leaflet-markercluster.min.js Show response www.firmasec.com/web/scripts/	33 KB 9 KB	39ms 36ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/leaflet-markercluster.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 58be871df61f6c512464e15db0941e63b9491bf1396a2ae3bea6f39e0854cd1c Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-83bc" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VZrHEx%2BofA3umUmY90MTva4zSFilM%2B0JtpOAkPw6C6jzn5LKjxKqQ1d6ZODtotI%2BR8QyIZx%2Ff2eGkoJtdUo1qEN5zmKDembPIwcqzPk6DHNXhsws7m5It6EXQidhSS7eGLl7KV3WSj79YP4TaD1g"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7bb286292847901f-FRA expires Sun, 21 May 2023 03:26:11 GMT
GET H2	200	leaflet-gesture-handling.min.js Show response www.firmasec.com/web/scripts/	18 KB 7 KB	36ms 34ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/leaflet-gesture-handling.min.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b8c8f6c16d2cae4c13eb8907a4a7fb396ecd70104269deb719ca90b3c74126 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624a0df9-47b2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6RkSTYl4vhvFyl8YicXFzD0smqXinCaraw9msptdVl5xXY80VoebsYPgevq8%2B5HLrrpiH1jjhiGkuYAwmXSTUiDx9QKTEH3JldtYt8lAVnFybp7Ld0Mvk2F1EtqchVOZm6r9CmAbBRn9rSvxyKmm"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7bb286292848901f-FRA
GET H2	200	leaflet-listeo.js Show response www.firmasec.com/web/scripts/	9 KB 3 KB	20ms 19ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/leaflet-listeo.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fa10afda665b9623c6261763eca7e2de6b4e4c7998aad1f23864f4d0b1b3e55a Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status HIT last-modified Tue, 05 Apr 2022 02:37:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 2577 etag W/"624bab4c-248f" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mbvu42aiXW5o6M%2Bkw%2FN%2FrWZ%2BwC3s7mBDguBtsE42uOd1AuVBw9DUv9bNFsJKo308hD59TXZmP3X8QTVBW8BiLfPmczAuRkNUgbioCisw%2BNeuCrXa3BFUau52YxdsRdaDR%2FAf6ClTQPpV70Ew8tor"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7bb286293854901f-FRA expires Sun, 21 May 2023 02:43:14 GMT
GET H2	200	sweetalert2@11 Show response cdn.jsdelivr.net/npm/	63 KB 19 KB	46ms 20ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/sweetalert2@11 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b741437f08ff5a83072016e615fb8eb59bf5c2d03defb4027ec151de9d4ae0da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 40704 x-jsd-version 11.7.3 content-encoding br x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra-eddf8230029-FRA, cache-yyz4533-YYZ x-jsd-version-type version server cloudflare etag W/"fb54-2L7bOYXVT4xM2BDJlwfWdfStbCc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMKqS0PFRX5gH69uXR10D24gREK10C64mPF0EcG2mvCplOrqpHfcNXdPAwGZFJ5cYNdQpdrfgKF4kV4AL2SHsXiJr9w8kpqfUKKh1A9%2Bi%2FaKnJDsf5XAhdeNEojYOopfa2VQiZyzrqEPLn0E81s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7bb28629489d362d-FRA
GET H2	200	typed.js Show response www.firmasec.com/web/scripts/	11 KB 4 KB	21ms 20ms	Script application/javascript	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/web/scripts/typed.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a868cad4a0420be9dc3c4736e51184ea77dc1bf49c00b48f8433c74aa06ce25 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status HIT last-modified Sun, 03 Apr 2022 21:13:29 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 37084 etag W/"624a0df9-2db4" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mS9piGkOkXTo15Nxy2nMTnSbaKO2dFQIOZOey%2FKZ5IeEA25gA6AuYLVE52o0DZclGvof1I0%2BQZygqQlN0vWrWn%2FD2%2BA69W7ADdwL04cVZVZwOYpo%2FfzJA6fTdXhl2vWQzeKROYkp9c1VZb9qml08"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=2592000 cf-ray 7bb28629a89c901f-FRA expires Sat, 20 May 2023 17:08:07 GMT
GET H2	200	css2 fonts.googleapis.com/	16 KB 1 KB	145ms 47ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600;700&family=Raleway:wght@300;400;500;600;700&display=swap Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e5ea1ed3bb0380d34d5d2d17e41874103d134bedd751a678cd3af7dfd6cadbbb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 03:26:11 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 03:26:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 03:26:11 GMT
GET H2	200	app.css www.firmasec.com/assets/css/	546 KB 102 KB	28ms 28ms	Stylesheet text/css	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12477a515633c93d78d3c190f09981a0567eb49823593ce483cc0876f4c3d8e9 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status HIT last-modified Fri, 08 Apr 2022 14:04:12 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 34351 etag W/"625040dc-88716" vary Accept-Encoding, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh2%2BsQVbnmqz8u1L79wi0l9nWobzvJVIoEODSIx4G11rmy7Y244WYso7DnDYu%2BY0sRXf57VgLwlF9I%2FnFlp6ifcViWwouwPqPemL12jkUpiipeHmOx0AKPDwWFSHmsQZlaiIAVjxrH4djEV8tBoC"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=2592000 cf-ray 7bb286295868901f-FRA expires Sat, 20 May 2023 17:53:40 GMT
GET H2	200	f6mr2uf0lz Show response www.clarity.ms/tag/	615 B 957 B	173ms 103ms	Script application/x-javascript	2620:1ec:4e:1::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/f6mr2uf0lz Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c53749dabd830273e4d8d251edf1d133996681ad842fc71fa60586b680109658 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers request-context appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12 date Fri, 21 Apr 2023 03:26:11 GMT cache-control no-cache, no-store expires -1 x-azure-ref 20230421T032611Z-cqbx8z6zb933d754vmhpqtemnn000000013000000000t7yy x-cache CONFIG_NOCACHE content-type application/x-javascript
GET H2	200	simple-line-icons.ttf www.firmasec.com/fonts/	45 KB 46 KB	38ms 36ms	Font application/octet-stream	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/fonts/simple-line-icons.ttf?thkwh4 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a8ff22541abb659b5c965d334fdcbd92653979d3eec8bb581b104aa3812da9b Request headers Referer https://www.firmasec.com/ Origin https://www.firmasec.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT cf-cache-status REVALIDATED last-modified Tue, 05 Apr 2022 02:37:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "624bab4c-b5c4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LaeyOSKulL3lmpUZRF0fNk%2FcqScKAAzwfQfgqq3%2BDta73J3p%2B7ZhrHFcPlggZ%2BLJSUYXgisk6wWTM%2Fy7hOjl98iD3vH6u1Yq59aa%2FBlrbRYamX2cLV9GpttBRvKsuZMACFeAU4HtweUS0qtDKc%2FX"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 7bb286293855901f-FRA content-length 46532
GET H2	200	fontawesome-webfont.woff2 www.firmasec.com/fonts/	65 KB 65 KB	44ms 43ms	Font application/octet-stream	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 Request headers Referer https://www.firmasec.com/ Origin https://www.firmasec.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT cf-cache-status REVALIDATED last-modified Tue, 05 Apr 2022 02:37:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "624bab4c-10440" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DfXCbhNvm1fK0HP0A2qcVK4BTMX9EdQ%2F5CO7%2FxdFJtZw9DAZccO9qYDCKeIUEt8frVuxKnEnK1vq7VOhynU37NNOpvZZ0D12ejtfebmM0Vy9uXPpH%2FuutsiAdUXru6M1nDYfIjkKHfl0VS93UMV"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 7bb286293856901f-FRA content-length 66624
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	116ms 35ms	Script text/javascript	2a00:1450:4001:812::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 21 Apr 2023 02:12:35 GMT last-modified Tue, 10 Jan 2023 21:29:14 GMT server Golfe2 age 4416 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Fri, 21 Apr 2023 04:12:35 GMT
GET H2	200	simple-line-icons.ttf www.firmasec.com/fonts/	45 KB 46 KB	36ms 35ms	Font application/octet-stream	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/fonts/simple-line-icons.ttf?b086c71b8b7d9097697af91899695ebe Requested by Host: www.firmasec.com URL: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1a8ff22541abb659b5c965d334fdcbd92653979d3eec8bb581b104aa3812da9b Request headers Referer https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418 Origin https://www.firmasec.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT cf-cache-status REVALIDATED last-modified Tue, 05 Apr 2022 02:37:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "624bab4c-b5c4" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2F%2FyvONqvbEnpIzjd2YmZXeeHl8YwtyVzCUN8s%2BgjrtOcdW4iG4yDI3vo7Jhsvb0MwPQgjsw4ogU4Cv7DXVyEOeamuFzW4bI6X3lmGLCPaIS%2FaeGj1akT9so4SYA%2FrpAsaPJcJSDw4pBSagkt9fO"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 7bb2862a18db901f-FRA content-length 46532
GET H2	200	fontawesome-webfont.woff2 www.firmasec.com/fonts/	65 KB 66 KB	34ms 33ms	Font application/octet-stream	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/fonts/fontawesome-webfont.woff2?db812d8a70a4e88e888744c1c9a27e89 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995 Request headers Referer https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418 Origin https://www.firmasec.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT cf-cache-status REVALIDATED last-modified Tue, 05 Apr 2022 02:37:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "624bab4c-10440" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAjQeroK5jzJTAiao547XVXQottidwKKSApdOkJf%2Bwfgf%2BnDne9U6X9ahlC3XOTLSIs1tPLoLQdlBRlcD9dmfG52c1B4WCMgXALsWXz4QcoJjdOakZqzf25Ezn3XXMrFMEr2FHFIAzFpoxX9eCd3"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream cache-control max-age=14400 accept-ranges bytes cf-ray 7bb2862a18dd901f-FRA content-length 66624
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3842feb5a52b01665a847ace36ff915e32116d1ba92d7315ef1b74b85cb78445 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	fontello.woff www.firmasec.com/fonts/	9 KB 7 KB	35ms 34ms	Font application/font-woff	2606:4700:3033::6815:1d6d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.firmasec.com/fonts/fontello.woff?9fa4825f8b1b2fc3ce730672443ecf10 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:1d6d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fcd3b9a35d67c210cc6561100512853efc40fc9096bd5d1af6d05aa1725b3e8a Request headers Referer https://www.firmasec.com/assets/css/app.css?id=be4be8439bc6db102418 Origin https://www.firmasec.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br cf-cache-status REVALIDATED last-modified Tue, 05 Apr 2022 02:37:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"624bab4c-257c" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZtl%2F%2B4S8bP5diquiSdt9NFNM6IFWKXR08cUML6LQ3X%2BXw0xKGiBWCbEZdQ5Vyqaka5WCet6%2Bg2Rj2J%2B0328PlVxv37gIbtQ6SpKB9Urs2LviXckE573seMhV5vzzjrGMcTQthI9DKfOJlOagxYi"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 cf-ray 7bb2862a38e5901f-FRA
GET H2	200	1Ptug8zYS_SKggPNyC0ITw.woff2 fonts.gstatic.com/s/raleway/v28/	45 KB 46 KB	475ms 35ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600;700&family=Raleway:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.firmasec.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 00:22:17 GMT x-content-type-options nosniff age 97435 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 46524 x-xss-protection 0 last-modified Mon, 18 Jul 2022 19:58:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Apr 2024 00:22:17 GMT
GET H2	200	1Ptug8zYS_SKggPNyCMIT5lu.woff2 fonts.gstatic.com/s/raleway/v28/	30 KB 30 KB	523ms 85ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyCMIT5lu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@500;600;700&family=Raleway:wght@300;400;500;600;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab47b8f50fe4195819b4af2ac0fffb2b3543502e11282d492d6cd73c124845cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.firmasec.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 02:19:14 GMT x-content-type-options nosniff age 90418 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30448 x-xss-protection 0 last-modified Mon, 18 Jul 2022 20:08:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 19 Apr 2024 02:19:14 GMT
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.6/	56 KB 23 KB	34ms 34ms	Script application/javascript	2620:1ec:4e:1::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.6/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/f6mr2uf0lz Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:4e:1::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e63cf738c3a577e286765aaa9de59ed4300f6bf8b5d34773d131afd3da456b9c Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br last-modified Thu, 20 Apr 2023 11:24:12 GMT etag W/"0x8DB4191C482824C" vary Accept-Encoding x-azure-ref 20230421T032611Z-cqbx8z6zb933d754vmhpqtemnn000000013000000000t7zu content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id 6571a124-801e-0005-0ec7-73fc00000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28
GET H2	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/	345 KB 116 KB	98ms 97ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7403327254807716 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e213be4fb04ac26a6a86ab5bec73758c42e05b347b4a8a233c40d61e1714d81a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:11 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 118229 x-xss-protection 0 server cafe etag 14073916504749298795 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 21 Apr 2023 03:26:11 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 8DCB	10 KB 5 KB	116ms 35ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7403327254807716 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 27514 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 20 Apr 2023 19:47:38 GMT etag 2378337311435320485 expires Thu, 04 May 2023 19:47:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ga-audiences www.google.de/ads/ Redirect Chain https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2062093466&utmhn=www.firmasec.com&utme=8(Ana%20Sayfa)9(Ana%20Sayfa)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utm... https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466 https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466 https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466&slf_rd=1&random=1875784171	42 B 408 B	146ms 51ms	Image image/gif	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466&slf_rd=1&random=1875784171 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:12 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:12 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54841386-1&cid=1099387567.1682047572&jid=1953217776&_v=5.7.2&z=2062093466&slf_rd=1&random=1875784171 content-type text/html; charset=UTF-8 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	391 B 603 B	165ms 44ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.firmasec.com&callback=_gfp_s_&client=ca-pub-7403327254807716 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1fad4b291b370d267b0ed27c48a9a421895724a5b3f0ba569183d8a0847224de Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:12 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 252 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 531 B	155ms 44ms	Script application/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.firmasec.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:12 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 456 B	131ms 43ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.firmasec.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:12 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 093A	315 KB 74 KB	767ms 767ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&adk=1812271804&adf=3025194257&lmt=1682047572&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.firmasec.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571706&bpp=19&bdt=356&idt=425&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7399202642507&frm=20&pv=2&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=463 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 089af564445bbb5880b011623d873c9f4c2bef4c086709035dd2a82ae27c9975 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 75235 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:12 GMT expires Fri, 21 Apr 2023 03:26:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 4EFD	92 KB 33 KB	623ms 622ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3ba95a8ce26e20fa640b511593a35778d3ca8c4e38a2eae8b4621229836f363d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 33465 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:12 GMT expires Fri, 21 Apr 2023 03:26:12 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H/1.1	204 No Content	collect Show response y.clarity.ms/	0 296 B	333ms 94ms	XHR text/plain	104.211.35.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://y.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.6/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.firmasec.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.firmasec.com Date Fri, 21 Apr 2023 03:26:12 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
POST H/1.1	204 No Content	collect Show response y.clarity.ms/	0 296 B	341ms 227ms	XHR text/plain	104.211.35.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://y.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.6/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.firmasec.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.firmasec.com Date Fri, 21 Apr 2023 03:26:12 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
GET H2	200	css fonts.googleapis.com/ Frame 4EFD	2 KB 627 B	57ms 48ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 03:26:12 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 01:58:39 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 03:26:12 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 4EFD	2 KB 843 B	181ms 74ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:13 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 4EFD	0 0	101ms 81ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CQMZRVAJCZImpEdqgrAT2wpKYCe230JFw5OHVicAQq-T3lsY4EAEgjs3CDWCV4pCCoAegAeHo-IMDyAEJqQK4Sb-1M2eyPqgDAcgDywSqBMoBT9C11FF12__LfkSkn5ma7nEyGV3uOw3u_A1Mbb2v-uzvEWSH2or9Zvj_hixN3H9igC9fRLCnw5L-CUTA8eit29ZgdNVxqZwAiC9-ravYNdmAqc1iOukFs36FE5i4YmuBnS8R9ZwxjmpqU3LwVdeTquIFoAouP7AgBhHc9Yuuqz_EHENvbhIzH65zmzG1EEuyg75c54T8FIeVAY3VO2dvXiotrieRw2tAPN60VHYLmfBqcK0gM6R7ti7HvClpJXV8YBxliv_hzo-6kMAEi_mDgpsEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5Di3okDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcFEIrMhQLSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUB9AVAYAXAbIXHAoaCAASFHB1Yi03NDAzMzI3MjU0ODA3NzE2GAA&sigh=AJgYEqNFkhI&uach_m=[UACH]&cid=CAQSGwBygQiD0Jpf_gy0O0bmYp6PezmRa4ClREga9xgB&template_id=494 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 21 Apr 2023 03:26:12 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 21 Apr 2023 03:26:12 GMT
GET H2	200	shopping encrypted-tbn0.gstatic.com/ Frame 4EFD	22 KB 22 KB	152ms 38ms	Image image/jpeg	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTvUEmctdEvnKDobYf1MIz5ZcgD7rZMViaMY23culPqRTagAfREHnRheusjHg&usqp=CAI Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0f7e32fd18b86f1a3211fd5413f6d5235ff5129dfb0106a45ffdda5bdad67838 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 07:44:03 GMT x-content-type-options nosniff age 70930 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22456 x-xss-protection 0 last-modified Tue, 07 Sep 2021 14:20:01 GMT server sffe report-to {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="images-tbn" expires Fri, 19 Apr 2024 07:44:03 GMT
GET H2	200	10320518866760817365 tpc.googlesyndication.com/simgad/ Frame 4EFD Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODo3u__mQEQsAkYsAkyCK19gLJhZIVR https://tpc.googlesyndication.com/simgad/10320518866760817365	114 KB 114 KB	44ms 43ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10320518866760817365 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3f3b5cb29742e690f602fd82647bee0ba85be6e2af6beb2e0a931336a2588b10 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 04:56:47 GMT x-content-type-options nosniff age 80966 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 116378 x-xss-protection 0 last-modified Mon, 28 Feb 2022 11:00:04 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Fri, 19 Apr 2024 04:56:47 GMT Redirect headers date Thu, 20 Apr 2023 07:26:39 GMT x-content-type-options nosniff server cafe age 71974 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/10320518866760817365 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Sat, 20 May 2023 07:26:39 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 4EFD	21 KB 8 KB	242ms 144ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:13 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 4EFD	3 KB 1 KB	138ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:07 GMT content-encoding br x-content-type-options nosniff age 38466 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:07 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 4EFD	19 KB 8 KB	134ms 37ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:05 GMT content-encoding br x-content-type-options nosniff age 38468 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:05 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 4EFD	159 KB 49 KB	187ms 48ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 03:26:13 GMT
GET H2	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 4EFD	32 KB 14 KB	131ms 35ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 03:40:25 GMT content-encoding gzip x-content-type-options nosniff age 85548 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 19 Jul 2023 03:40:25 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/	150 KB 51 KB	86ms 84ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/reactive_library_fy2021.js?bust=31074010 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2ac5259ea0750083c5b16d9deb40e5aacf983d1984aa000448a1f9d1cca3b41a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52056 x-xss-protection 0 server cafe etag 1204209087266795483 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 21 Apr 2023 03:26:13 GMT
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 165 B	50ms 47ms	Script application/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.firmasec.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	50ms 48ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.firmasec.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1C35	31 KB 12 KB	293ms 291ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fd2d383c85dacf75ae8d2c76e611edd99035c4c601e093bf0117ff30d8651861 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 12556 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 6A39	84 KB 33 KB	314ms 313ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 531c148fae0b494870f4ca54efd6362d7480bf2559bf0c0edaa3c759a32baf2f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 34258 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3E0B	84 KB 33 KB	258ms 254ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6ada2c61fadd0182182512c8641fb3fdabf5f1b7f52897902eeaa46cde700e73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 34243 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame C30F	84 KB 33 KB	228ms 222ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 503bc80ee8ae6f2195f8efda5d7b6c6eab5c581c5903da22cf91d9e85e0247f6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-encoding br content-length 33992 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	45ms 45ms	Script application/javascript	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.firmasec.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	47ms 47ms	Script application/javascript	2a00:1450:4001:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.firmasec.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100 x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 45C1	10 KB 4 KB	166ms 165ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT etag 2378337311435320485 expires Fri, 05 May 2023 03:26:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/ Frame 8B93	10 KB 4 KB	266ms 265ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT etag 2378337311435320485 expires Fri, 05 May 2023 03:26:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 4EFD	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4fdfc9b8efe16701408f87e72af81abf74ff5441529ef263402b8b1011a1f675 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4EFD	20 KB 20 KB	40ms 39ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 02:01:11 GMT x-content-type-options nosniff age 264302 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20784 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:21:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 17 Apr 2024 02:01:11 GMT
GET H3	200	2403876656933901835 tpc.googlesyndication.com/simgad/ Frame C30F	50 KB 50 KB	41ms 40ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2403876656933901835?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk7leM6iVQbA9gB6_KpvO3h0c46ww Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8fafc425299ee963a98ca64a51701a9ab8564dc3d9f982aa6882c94b38a6cd9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 05:13:11 GMT x-content-type-options nosniff age 252782 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50700 x-xss-protection 0 last-modified Mon, 27 Feb 2023 07:18:24 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 17 Apr 2024 05:13:11 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame C30F	21 KB 8 KB	86ms 85ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:13 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C30F	3 KB 1 KB	72ms 71ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:07 GMT content-encoding br x-content-type-options nosniff age 38466 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:07 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C30F	19 KB 8 KB	37ms 36ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:05 GMT content-encoding br x-content-type-options nosniff age 38468 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:05 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame C30F	0 0	49ms 46ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqUg0akJSuT2YGfEg9fJTI10A01fvy6_LPmv2n5EJp4f5Z99iYzO_WZgPSU-7x_BsFA0rZhrqNfNaZzqBsIPSlBsG-aQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C30F	159 KB 49 KB	56ms 54ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 03:26:13 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C30F	32 KB 13 KB	77ms 76ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 17:59:26 GMT content-encoding br x-content-type-options nosniff age 34007 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13160 x-xss-protection 0 server cafe etag 2897017380701680925 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 17:59:26 GMT
GET H3	200	2403876656933901835 tpc.googlesyndication.com/simgad/ Frame 3E0B	50 KB 50 KB	44ms 40ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2403876656933901835?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk7leM6iVQbA9gB6_KpvO3h0c46ww Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8fafc425299ee963a98ca64a51701a9ab8564dc3d9f982aa6882c94b38a6cd9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 05:13:11 GMT x-content-type-options nosniff age 252782 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50700 x-xss-protection 0 last-modified Mon, 27 Feb 2023 07:18:24 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 17 Apr 2024 05:13:11 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame C30F	0 0	82ms 81ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CFwbcVQJCZOSjCYWhrATqqpLABcv_6O9v-KXNlL0RweKxm8wIEAEgjs3CDWCV4pCCoAegAYKBlYgDyAECqQK3Fkp6v6prPqgDAcgDyQSqBMwBT9A2e1_buL6zTfIIaYPc6fmCVyki6L2uoBUrgb500Mn1955iw26RKzGq0dXUGIgy3iMJqmd1FkQQs6xCcTukFEBqkZ_5sVXCVpTK-hgp0KusqGPVpjCjgbw1VEk6u9GdfH2PnZr-2F2eO7qqt70GbTRSY-WKrT8xFGLKZs5lqdT81-PVSgKmPuRA4B8Ip_8b6EGDxUz2KKlZdhTGvX4jbo-gjwSAMXf8EP9AG6U5Rrg7tYQT65wf_7QgdhrZZPU0W3vr_ARzZ8McstI5wASntPSVkQSSBQQIBBgBkgUECAUYBKAGAoAH5v7qd6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMTsA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc0MDMzMjcyNTQ4MDc3MTYYAA&sigh=oB4ndsIaWoU&uach_m=[UACH]&cid=CAQSPABygQiDu8Wd_rNU15Zedv1jXVNZsBI2MQkrT4cYor4AWSNCVglI39t8wHQ1KPB-UoueRnGkWkTH_3Bt_BgB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 21 Apr 2023 03:26:13 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 3E0B	0 0	81ms 80ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=C-EWRVQJCZIHwCMGf3gOG6aSYA8v_6O9v-KXNlL0RweKxm8wIEAEgjs3CDWCV4pCCoAegAYKBlYgDyAECqQK3Fkp6v6prPqgDAcgDyQSqBMwBT9D13KD3O8vk4_GG_Pgpn9gRoIvlarturvaxJDyDQWUIvVn3ieEuAOKBQgxpq4TUnPJqVeXJ4u7zExpruzuh24dAKhvwFSjSKENm2W4YZPSAEi_EStLmgMOwTPDs67VpJuP1CvUUBvuuFQacPhyQv9cU7Qj4rBGTRFEbg20b2zP0drwB9wAPzJ2ymeMUZeZRDQvKqIpyv_4OY-Ld2xASZ_CPFrADcS0iLyTtrp5bgZsdN7TXfMRrRAmsNHANvEUfAREAVj902H9oW_xTwASntPSVkQSSBQQIBBgBkgUECAUYBKAGAoAH5v7qd6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENfsA9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc0MDMzMjcyNTQ4MDc3MTYYAA&sigh=Ts9an_g-vhg&uach_m=[UACH]&cid=CAQSPABygQiDTrqDLQY1KdCh274Rb6-eQ9HUXXzNlWFJGShpYaMS-1EntotQjUApYl8NBTYsRf5H9wsFdj8B9RgB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 21 Apr 2023 03:26:13 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	2403876656933901835 tpc.googlesyndication.com/simgad/ Frame 6A39	50 KB 50 KB	37ms 36ms	Image image/png	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/2403876656933901835?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qk7leM6iVQbA9gB6_KpvO3h0c46ww Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8fafc425299ee963a98ca64a51701a9ab8564dc3d9f982aa6882c94b38a6cd9e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 05:13:11 GMT x-content-type-options nosniff age 252782 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50700 x-xss-protection 0 last-modified Mon, 27 Feb 2023 07:18:24 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Wed, 17 Apr 2024 05:13:11 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 6A39	21 KB 8 KB	114ms 113ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:13 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 6A39	3 KB 1 KB	46ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:07 GMT content-encoding br x-content-type-options nosniff age 38466 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:07 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 6A39	19 KB 8 KB	45ms 39ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:05 GMT content-encoding br x-content-type-options nosniff age 38468 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:05 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 6A39	0 0	48ms 44ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBIKdJp4L0GINwMkkCf-cIRpPODNy-AdlXaL88vu4q6W_xP0WrtLzilYI2jfSvtDuM6f6LWSjunXkeYJRdICxtpb1ShQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 6A39	159 KB 49 KB	64ms 58ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 03:26:13 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 6A39	32 KB 13 KB	45ms 41ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 17:59:26 GMT content-encoding br x-content-type-options nosniff age 34007 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13160 x-xss-protection 0 server cafe etag 2897017380701680925 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 17:59:26 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 3E0B	21 KB 8 KB	194ms 190ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:13 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3E0B	3 KB 1 KB	40ms 36ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:07 GMT content-encoding br x-content-type-options nosniff age 38466 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:07 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3E0B	19 KB 8 KB	41ms 37ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:05 GMT content-encoding br x-content-type-options nosniff age 38468 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:05 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 3E0B	0 0	48ms 45ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQg-D_0Somxojj-lYbIyRCvu_gvLBbYnvgrd9cKEVM9ZDq5jgijLAh2nC6BxM_8TEmmQHKpiNKpP2lYvUUtQM_uvTjEHg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3E0B	159 KB 49 KB	53ms 50ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 03:26:13 GMT
GET H3	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 3E0B	32 KB 13 KB	42ms 38ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3e4e65e7db3c40d4bb9c16f3e85e1e7ed107d564d25c56e3170b38da5460506f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 17:59:26 GMT content-encoding br x-content-type-options nosniff age 34007 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13160 x-xss-protection 0 server cafe etag 2897017380701680925 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 17:59:26 GMT
GET H3	200	CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response pagead2.googlesyndication.com/bg/ Frame 47AC	36 KB 14 KB	43ms 41ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=4144480424&adf=2712143399&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682047572&rafmt=1&to=qs&pwprc=3732620310&format=1200x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047571725&bpp=2&bdt=376&idt=450&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VdJ9OtQaeV&p=https%3A//www.firmasec.com&dtd=532 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 06:46:42 GMT content-encoding br x-content-type-options nosniff age 247171 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14219 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Apr 2024 06:46:42 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 6A39	0 0	93ms 89ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CC4IWVQJCZPjKB4OGrAT26oegCcv_6O9v-KXNlL0RweKxm8wIEAEgjs3CDWCV4pCCoAegAYKBlYgDyAECqQK3Fkp6v6prPqgDAcgDyQSqBMwBT9AvyXO2qTrgRtUREOTjdTK2cgyw0ty1mYnWCL4P_UJqFxM3lUl4KX6OGlVL_AN51hiEdxDL-_lQMe7QjJwQX43MY2lsGB_lOAG9xg3IZxcK4R7V6FCJxcLj7LTu5e_ABhGA9Q_UBv69d_tBRd0wg7kV3naK_K1vqENovkm2-wMwpFRpTPYL5DQSMjqkOeI4wLUIci7Oo-BvkTTr2qKmEu1QtIEzv81bAK7PUOVRIDj1XQX1yQEEa9OIBt4EbgfFTPtQYQtb-5dA5tXbwASntPSVkQSSBQQIBBgBkgUECAUYBKAGAoAH5v7qd6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEL39A9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc0MDMzMjcyNTQ4MDc3MTYYAA&sigh=7R6gfaW5Kyk&uach_m=[UACH]&cid=CAQSPABygQiDT3qoTnS0-baG5WISW7poQAY-63Cs3NEOecuwjaCe-WTUWU7euiebnwis-YQ_jRtI1_qrDyJWrxgB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 21 Apr 2023 03:26:13 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	css2 fonts.googleapis.com/ Frame 45C1	4 KB 632 B	55ms 55ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 01:55:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 03:26:13 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 45C1	205 B 518 B	49ms 41ms	Image image/png	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:06:08 GMT x-content-type-options nosniff age 1205 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 20 Apr 2024 03:06:08 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 45C1	604 B 694 B	50ms 42ms	Image image/png	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:01:09 GMT x-content-type-options nosniff age 1504 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 20 Apr 2024 03:01:09 GMT
GET H3	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame 45C1	19 KB 8 KB	51ms 46ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 17:01:53 GMT content-encoding br x-content-type-options nosniff age 37460 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8167 x-xss-protection 0 server cafe etag 3140062999518874537 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 17:01:53 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 9EC5	0 0	91ms 89ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CuboGVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgS_AU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOMuRKrGCQU4JSBZNXYnq0yRb09GxuDMCm1wxVg5aPEog7l1G7WvUgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NDAzMzI3MjU0ODA3NzE2GAA&sigh=BMst2i8SJpg&uach_m=[UACH]&cid=CAQSPABygQiDxUWMdo0LXTQ8AtxvO3tx7r9MNb75G3e05hx1Lgj_ZxJNP-85EMCLTV6IlvK-28cX6X11Q5deHxgB Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 21 Apr 2023 03:26:13 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame 9EC5	0 0	95ms 21ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1jjcp71g57p4c8hxc1s602h5tepzbybyg2whe4h2tvq1hpbrxn8cxxz0sw8t4dpbh3hzw61g8mgte89520xhe8vgxkv4s4w5x6w0ydnfswrdvcf2yy1gv98zyda1m3va30jzf8erabmtdthfvqewxqyr3n462fhgwqba1dr089sa88p2jy2a1e76ccmecpv2zbmee91vn1y5yq0fn3ctpr1q7h50tqd8hqjgzwr4qfbzdpc3ch3r8fa8p1e4n8p9c7npv2q4kvb4az0yb621ab9014qyvd1sdk50wtw5s9968xnv0p32xzdrx9wgnc4szsj37pjnf70j4pfwzkat9x4xarydkhq0jd681srjjd7kc2ry2m85b7jbydqar1pqbwepnbxwykxj220&b=ZEICVQABxwwKd-3EAA8SLQWYEDa5Sk5p57hPNA Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-origin * date Fri, 21 Apr 2023 03:26:13 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type image/gif
GET H2	200	dr Show response as.ad4m.at/ad/ Frame F749	2 KB 3 KB	76ms 34ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1hm7hvczzfy0prqwqv6z3wdyd1mcjzr4mk6xhvd422wweqe7njs3fz99f49a9z4cek2x9t3gff7p9mt06jcx3z7mh1tzbba0b24z5wq8dtzzy4eyxk92825e1arap0b2jbsvkf707rvzmgx5m8vsg7jgktv2tvnzh9wn2wfdefyg7pw0aqegqbhrkpxyvwzvjze04myg85a9cge0b8hwd4azy0zkfpcy3269hqbt9herc3cn72z38zcq3jb36sr0wekgkvswa0n36vn4nr7nz6mnp8xx8801prw9sd12ejteac5hb6fbr4608znhmbxz3mkdpndyf9smcm4ct4mdsqctn5g9z38gg87g5y3b20py8f95g5dqs5hxp351gqy86c1mz420avg816cz7ngzenwpk2z5mj46fm8gjjhxsrvcd65056tf07fey2srpdk60e10vj22kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%26client%3Dca-pub-7403327254807716%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10b0acf5de69040a5f956a3c56b5edde114d292b9e121d142282abf9cb3e16a8 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7bb286370f3e9bd0-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 9EC5	3 KB 1 KB	43ms 41ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:07 GMT content-encoding br x-content-type-options nosniff age 38466 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:07 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 78BB	1 KB 643 B	79ms 73ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT etag 48472445140208031 expires Sat, 22 Apr 2023 03:26:13 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 9EC5	19 KB 8 KB	45ms 40ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:05 GMT content-encoding br x-content-type-options nosniff age 38468 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:05 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 9EC5	0 0	62ms 57ms	Image text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0ShGY3MhhrOd9ZhS8aaB9tTjpYgPmNiVibsZdHLu_HZXw8WHAwCoBIRDzjXqX9DeEEvEaHqKAPipw1OnBdIujySQuoA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 9EC5	159 KB 49 KB	75ms 70ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 03:26:13 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6F8E	143 B 166 B	48ms 47ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1488 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:01:25 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	redir.html Show response p4-fpaqhpxkw2bgg-5mckcx6eriysypxn-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 24E1	247 B 868 B	192ms 44ms	Document text/html	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-fpaqhpxkw2bgg-5mckcx6eriysypxn-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash ea980601c171a506224ef7f64c88daddfc7e4b61e4ef5e6ab2f9d87da7378c6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding gzip content-length 203 content-security-policy-report-only script-src 'nonce-Jp0haUCrmPSqxIF3YI9a2g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Mon, 02 Dec 2019 20:15:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	css fonts.googleapis.com/ Frame 8B93	8 KB 893 B	57ms 50ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 02:02:12 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 03:26:13 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 8B93	2 KB 765 B	172ms 156ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:13 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame 8B93	0 0	103ms 83ms	Fetch text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CgCVPVAJCZJXnC5eg3wO07qWYBMaA7-5vkaiv6qoRloLNhYgWEAEgjs3CDWCV4pCCoAegAd6GkKkCyAEJqQK4Sb-1M2eyPqgDAcgDywSqBNoBT9BqSpZVKjZ4GljtOd2kp1dh1MPlAt2tbaHCj8GS1JffFQmZJ9zrJFQu0CEVtUlBf8wSgKqnzXlxmnrWNOsa4pU11Bm2jwsMn6-0rROad5I0Qj-TE8GyiugVGGW-JzV3vP_jUABXvE7ReNoliEQD-pFcaJZrx0IQ6K9EcICxUFEqkhs5b4b9Jwm5vhqC5pRtGhtR11vfJ496Dk8W3-D12K9wtu7sdtqBdvhruduJqeSeeEFHkJc3VKqN53asB2W4_PGp3kVxJI-5Wbt3P9evVxwLuI7SQpscyGfABPvytqimBJIFBAgEGAGSBQQIBRgEoAYugAeK-e_WAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEObcLNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTc0MDMzMjcyNTQ4MDc3MTYYAA&sigh=2SLTdabGhKA&uach_m=[UACH]&cid=CAQSGwBygQiDFxhFFxUaC4Vy4OosMs16L7bBKYDQtRgB&template_id=5000 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 21 Apr 2023 03:26:13 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 8B93	21 KB 8 KB	179ms 159ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:13 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 8B93	3 KB 1 KB	62ms 41ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:07 GMT content-encoding br x-content-type-options nosniff age 38466 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:07 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 8B93	19 KB 8 KB	62ms 41ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:05 GMT content-encoding br x-content-type-options nosniff age 38468 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:05 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 8B93	159 KB 49 KB	86ms 65ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 03:26:13 GMT
GET H3	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame 8B93	32 KB 13 KB	66ms 45ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 03:40:25 GMT content-encoding gzip x-content-type-options nosniff age 85548 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 19 Jul 2023 03:40:25 GMT
GET H3	200	14763004658117789537 tpc.googlesyndication.com/simgad/10024788175965285895/ Frame 8B93	25 KB 25 KB	66ms 57ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/10024788175965285895/14763004658117789537?w=400&h=209 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash af3e573b6c72959f5e2d6812bb2e4e202a539b027d93b86a565618e98facecc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 19 Apr 2023 11:42:19 GMT x-content-type-options nosniff age 143034 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25290 x-xss-protection 0 last-modified Thu, 02 Mar 2023 14:25:04 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Thu, 18 Apr 2024 11:42:19 GMT
GET DATA	200 OK	truncated / Frame 8B93	209 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated / Frame 8B93	206 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame B662	1 KB 643 B	86ms 78ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:13 GMT etag 48472445140208031 expires Sat, 22 Apr 2023 03:26:13 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame C30F	216 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d6e1a27393b749203d2ddfafdf37290b638acc1aac200fcd8e0df63d33bed8e3 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	default.css as.ad4m.at/ad/style/0.1.39/one-ad/ Frame F749	94 KB 12 KB	26ms 19ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hm7hvczzfy0prqwqv6z3wdyd1mcjzr4mk6xhvd422wweqe7njs3fz99f49a9z4cek2x9t3gff7p9mt06jcx3z7mh1tzbba0b24z5wq8dtzzy4eyxk92825e1arap0b2jbsvkf707rvzmgx5m8vsg7jgktv2tvnzh9wn2wfdefyg7pw0aqegqbhrkpxyvwzvjze04myg85a9cge0b8hwd4azy0zkfpcy3269hqbt9herc3cn72z38zcq3jb36sr0wekgkvswa0n36vn4nr7nz6mnp8xx8801prw9sd12ejteac5hb6fbr4608znhmbxz3mkdpndyf9smcm4ct4mdsqctn5g9z38gg87g5y3b20py8f95g5dqs5hxp351gqy86c1mz420avg816cz7ngzenwpk2z5mj46fm8gjjhxsrvcd65056tf07fey2srpdk60e10vj22kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%26client%3Dca-pub-7403327254807716%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/dr?ed=1hm7hvczzfy0prqwqv6z3wdyd1mcjzr4mk6xhvd422wweqe7njs3fz99f49a9z4cek2x9t3gff7p9mt06jcx3z7mh1tzbba0b24z5wq8dtzzy4eyxk92825e1arap0b2jbsvkf707rvzmgx5m8vsg7jgktv2tvnzh9wn2wfdefyg7pw0aqegqbhrkpxyvwzvjze04myg85a9cge0b8hwd4azy0zkfpcy3269hqbt9herc3cn72z38zcq3jb36sr0wekgkvswa0n36vn4nr7nz6mnp8xx8801prw9sd12ejteac5hb6fbr4608znhmbxz3mkdpndyf9smcm4ct4mdsqctn5g9z38gg87g5y3b20py8f95g5dqs5hxp351gqy86c1mz420avg816cz7ngzenwpk2z5mj46fm8gjjhxsrvcd65056tf07fey2srpdk60e10vj22kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%26client%3Dca-pub-7403327254807716%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1681210094 age 836492 cf-polished origSize=96968 x-guploader-uploadid ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Tue, 11 Apr 2023 10:48:50 GMT server cloudflare etag W/"6110dc3a24c902508647a582294bcc25" vary Accept-Encoding x-goog-generation 1681210130860508 content-type text/css x-goog-hash crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bACwsbODR5yDWIF9MLiUPEJWNp7OSY5tgCn33wYKs1ZUF5jC5ZnFHf%2BVupuS8mmlUXY8TjM1RYWjSRp1Ya1%2F2S7nKOOimZEoRWMkBWXGgibEsjBGgY1H4RQ%2FVGKmZXRyOvYhMXi65s%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 96968 cf-ray 7bb28637eff19bd0-FRA expires Fri, 21 Apr 2023 04:26:13 GMT
GET H2	200	r62eglto.js Show response ad4m.at/ Frame F749	25 KB 10 KB	63ms 29ms	Script application/javascript	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/r62eglto.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hm7hvczzfy0prqwqv6z3wdyd1mcjzr4mk6xhvd422wweqe7njs3fz99f49a9z4cek2x9t3gff7p9mt06jcx3z7mh1tzbba0b24z5wq8dtzzy4eyxk92825e1arap0b2jbsvkf707rvzmgx5m8vsg7jgktv2tvnzh9wn2wfdefyg7pw0aqegqbhrkpxyvwzvjze04myg85a9cge0b8hwd4azy0zkfpcy3269hqbt9herc3cn72z38zcq3jb36sr0wekgkvswa0n36vn4nr7nz6mnp8xx8801prw9sd12ejteac5hb6fbr4608znhmbxz3mkdpndyf9smcm4ct4mdsqctn5g9z38gg87g5y3b20py8f95g5dqs5hxp351gqy86c1mz420avg816cz7ngzenwpk2z5mj46fm8gjjhxsrvcd65056tf07fey2srpdk60e10vj22kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%26client%3Dca-pub-7403327254807716%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d5e67a38c9a11424cac19ce192c9fd124a6d74e64d3791a01561dbd3e39c0b4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:13 GMT content-encoding br cf-cache-status HIT last-modified Tue, 14 Mar 2023 13:45:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 222024 etag W/"fcb2a26b07bd76d9a925cae661d6d94d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTwtZWBE6DIIvF6MJwZMyl%2Fm6%2BSP3ZNzY%2BCP6ptUQ905PN3AISVbZ71n1VbHhQF6zV%2BtrylPcITcVbBINb3W1mATCQ2%2B%2B75gXutNsavNSIgvD4MjMmZIY7ZYTrqPSMmlxeg%2FG1M%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 cf-ray 7bb28638180e9bd0-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Tue, 18 Apr 2023 13:45:45 GMT
GET DATA	200 OK	truncated / Frame 9EC5	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f6cd2cf3eaf2a61f8df53e0fd00830e37cd3717439babefa051e2eafbd6a9495 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame C0F6	143 B 166 B	74ms 52ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1489 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:01:25 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 27AD	1 KB 643 B	92ms 71ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT etag 48472445140208031 expires Sat, 22 Apr 2023 03:26:14 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 6A39	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cbf30e141837f43416368fe32f32182029a778a2b2ab5d5cb015797f5f3ace0d Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 78BB Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1&google_push=Aer7DvIBaNx-0P2XjBnWmZ_ap4TnfSVr4I7O2OCdm9az9Ll7uFLjlzRaq4bw362iCEqD2iH0afF4EIdua1Nwg6DUAZYq86DgpdrRqQ https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzMxMDE4MTg1MzM4OTYyMjkzMA==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1	43 B 398 B	53ms 14ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 21 Apr 2023 03:26:13 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame 78BB	35 B 462 B	181ms 17ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMoo38pA2OeZMcmq9luMOlU&google_cver=1&google_push=Aer7DvIhDg0rP11y9b-KNMJJTj_43ghb11MgcaxQjVntcYZz5JOus-EtL5RPELUU7ncDLjeg7QuDY8CEVSz353VARR96nMT5d5OUCb0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	204	current dclk-match.dotomi.com/match/bounce/ Frame 78BB	0 104 B	187ms 23ms	Image text/plain	2a02:fa8:8806:20::2040 VCLK-EU-SE
General Check archive.org Show headers Download Go to Show image Full URL https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEEDJNblmQ195nmcrwBJ9wPQ&google_cver=1&google_push=Aer7DvJHXmFgXPqivS96y3OrRT9F-QIZNwXsz1hfx9yM7IVtaaaOl0jqhMIejr_Yhh9JowypeaBWy4WXlYlF7Xr9Zg89AfanrBb_tw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT cache-control no-cache, private, max-age=0, no-store server nginx expires 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 78BB Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENKAnJrIUb4zINNrTge7FIY&google_cver=1&google_push=Aer7DvIvf3-y7-0m7yUoZa-8F-xBp6toK__T3R2cZVAfsK5UifAYVu-sjMD4h4P5XQrgsCq5lgL_z6fehhZ... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIvf3-y7-0m7yUoZa-8F-xBp6toK__T3R2cZVAfsK5UifAYVu-sjMD4h4P5XQrgsCq5lgL_z6fehhZpakzcqNmHwLJizAZD4Jc&google_hm=hghBJctSRfWoLm9rf...	170 B 232 B	46ms 45ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIvf3-y7-0m7yUoZa-8F-xBp6toK__T3R2cZVAfsK5UifAYVu-sjMD4h4P5XQrgsCq5lgL_z6fehhZpakzcqNmHwLJizAZD4Jc&google_hm=hghBJctSRfWoLm9rfWhSUrg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:12 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvIvf3-y7-0m7yUoZa-8F-xBp6toK__T3R2cZVAfsK5UifAYVu-sjMD4h4P5XQrgsCq5lgL_z6fehhZpakzcqNmHwLJizAZD4Jc&google_hm=hghBJctSRfWoLm9rfWhSUrg content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 78BB Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEBkmyt90Lmu51vnm-YeF_0k&google_cver=1&google_push=Aer7DvJHQFAuKQ_MJflIGFsZZSCtRr7odj_MgLJNj0CjD-lCGbj0KUSVDnX67u8u2yo_FZqZmZK5wtLZuKfFGTEA... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MbsUoHWXQNSZrNwlBowLog2&google_push=Aer7DvJHQFAuKQ_MJflIGFsZZSCtRr7odj_MgLJNj0CjD-lCGbj0KUSVDnX67u8u2yo_FZqZmZK5wtLZuKfFGTEAhX7G9ULGyg6TQR0	170 B 232 B	48ms 48ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MbsUoHWXQNSZrNwlBowLog2&google_push=Aer7DvJHQFAuKQ_MJflIGFsZZSCtRr7odj_MgLJNj0CjD-lCGbj0KUSVDnX67u8u2yo_FZqZmZK5wtLZuKfFGTEAhX7G9ULGyg6TQR0 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 03:26:14 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=MbsUoHWXQNSZrNwlBowLog2&google_push=Aer7DvJHQFAuKQ_MJflIGFsZZSCtRr7odj_MgLJNj0CjD-lCGbj0KUSVDnX67u8u2yo_FZqZmZK5wtLZuKfFGTEAhX7G9ULGyg6TQR0 x-host tde-deliveryengine-production-64c8469d98-m45x5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 78BB Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMSVjRYRdw2HpUYk0nJRaJc&google_cver=1&google_push=Aer7DvJeAgkqlO470DbVTgGivR2B3rkMdJR58QGA-0eTKP1x4CczYs6e1A0GwY43oQ-LOqI1-lZouaMEEknhOhAEZN6aPbk... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJeAgkqlO470DbVTgGivR2B3rkMdJR58QGA-0eTKP1x4CczYs6e1A0GwY43oQ-LOqI1-lZouaMEEknhOhAEZN6aPbk3ajTmjnQ&google_hm=eS1WZzBkeWtGRTJwSG4...	170 B 232 B	49ms 48ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJeAgkqlO470DbVTgGivR2B3rkMdJR58QGA-0eTKP1x4CczYs6e1A0GwY43oQ-LOqI1-lZouaMEEknhOhAEZN6aPbk3ajTmjnQ&google_hm=eS1WZzBkeWtGRTJwSG4xYzR4R0daRjhSb3U4TlE5bEhMZ35B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvJeAgkqlO470DbVTgGivR2B3rkMdJR58QGA-0eTKP1x4CczYs6e1A0GwY43oQ-LOqI1-lZouaMEEknhOhAEZN6aPbk3ajTmjnQ&google_hm=eS1WZzBkeWtGRTJwSG4xYzR4R0daRjhSb3U4TlE5bEhMZ35B content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 78BB Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEII_BES9OGHkJYyVJ-B81t8&google_cver=1&google_push=Aer7DvLXC5rZ9v8mSGzoYuLQ9XLTnxIhMS1aSKeRRvLmlA1OagRbouPomITotx7DnSthuTz6o1c... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQWlAyTlMtMTctNEZOOQ==&google_push=Aer7DvLXC5rZ9v8mSGzoYuLQ9XLTnxIhMS1aSKeRRvLmlA1OagRbouPomITotx7DnSthuTz6o1cImbeEF-dpylO9HDEitop1c2qMd3o	170 B 329 B	53ms 47ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQWlAyTlMtMTctNEZOOQ==&google_push=Aer7DvLXC5rZ9v8mSGzoYuLQ9XLTnxIhMS1aSKeRRvLmlA1OagRbouPomITotx7DnSthuTz6o1cImbeEF-dpylO9HDEitop1c2qMd3o Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQWlAyTlMtMTctNEZOOQ==&google_push=Aer7DvLXC5rZ9v8mSGzoYuLQ9XLTnxIhMS1aSKeRRvLmlA1OagRbouPomITotx7DnSthuTz6o1cImbeEF-dpylO9HDEitop1c2qMd3o Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 37b22a0c36bd84993dd2cda4a5e04b1d Expires 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 78BB	0 40 B	207ms 44ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgQOzG1XEfadouNEuHzKZJXgmlVAI0BS9Y5UfVlWsfSmc4SRkDZcQW9zFz_9qbvCMv1FTM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=2158498679&pi=t.aa~a.1082746971~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1717&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280&nras=3&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=2594&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=RM1MWD9jzd&p=https%3A//www.firmasec.com&dtd=26 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	iframe.html Show response p4-fpaqhpxkw2bgg-5mckcx6eriysypxn-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 24E1	5 KB 2 KB	84ms 42ms	Document text/html	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://p4-fpaqhpxkw2bgg-5mckcx6eriysypxn-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html Requested by Host: p4-fpaqhpxkw2bgg-5mckcx6eriysypxn-if-v6exp3-v4.metric.gstatic.com URL: https://p4-fpaqhpxkw2bgg-5mckcx6eriysypxn-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash 6e2303c52c65d6a0db8410cc841406454ca695645fc11553279a1fb3ea74c991 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://p4-fpaqhpxkw2bgg-5mckcx6eriysypxn-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding gzip content-length 1986 content-security-policy-report-only script-src 'nonce-MUJI0aq4t8jDDA4yRe68CA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none' content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT expires Fri, 01 Jan 1990 00:00:00 GMT last-modified Fri, 03 Feb 2023 22:38:00 GMT pragma no-cache report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	8e3adedd6f76ceb5825dd9d6f211c14b.js Show response www.gstatic.com/mysidia/ Frame C453	9 KB 4 KB	37ms 35ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 01:41:17 GMT content-encoding gzip x-content-type-options nosniff age 92697 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3832 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 19 Jul 2023 01:41:17 GMT
GET H3	200	1ba75d3cdd2ac554b0602e2cb4c3eedf.js Show response www.gstatic.com/mysidia/ Frame C453	148 KB 55 KB	37ms 37ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1ba75d3cdd2ac554b0602e2cb4c3eedf.js?tag=gpa/dynamic_fig_web_banner_v2 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c21d68c79b37204d16641a5f6a9228066944d671628270df8349b170a3f3d1fc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 05:46:33 GMT content-encoding gzip x-content-type-options nosniff age 77981 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 55838 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 19 Jul 2023 05:46:33 GMT
GET H3	200	css fonts.googleapis.com/ Frame C453	6 KB 917 B	54ms 54ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CGoogle%20Sans%20Display%3A400 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7e5900d08244740d02c9bcdcc045f1b3c8e06842af23e5a9b1df720bfa567f4b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 21 Apr 2023 03:26:14 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 21 Apr 2023 02:01:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 21 Apr 2023 03:26:14 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C453	2 KB 765 B	157ms 157ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:14 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame C453	21 KB 8 KB	101ms 100ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT content-encoding br x-content-type-options nosniff age 0 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8535 x-xss-protection 0 server cafe etag 13968503839060854674 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 05 May 2023 03:26:14 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C453	3 KB 1 KB	35ms 35ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:07 GMT content-encoding br x-content-type-options nosniff age 38467 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:07 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C453	19 KB 8 KB	35ms 35ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 16:45:05 GMT content-encoding br x-content-type-options nosniff age 38469 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8104 x-xss-protection 0 server cafe etag 11444945707709536616 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 May 2023 16:45:05 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C453	159 KB 49 KB	55ms 55ms	Script text/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 49672 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1681929791789681" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Apr 2023 03:26:14 GMT
GET H3	200	f8970ecc2196f374e9d99027c476dd6b.js Show response www.gstatic.com/mysidia/ Frame C453	32 KB 13 KB	96ms 96ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Thu, 20 Apr 2023 03:40:25 GMT content-encoding gzip x-content-type-options nosniff age 85549 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13747 x-xss-protection 0 last-modified Tue, 18 Apr 2023 02:08:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 19 Jul 2023 03:40:25 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2AB8	143 B 166 B	55ms 47ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 1489 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:01:25 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame BB50	1 KB 643 B	184ms 175ms	Document text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=86400 content-encoding br content-length 618 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT etag 48472445140208031 expires Sat, 22 Apr 2023 03:26:14 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B662 Redirect Chain https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1&google_push=Aer7DvJ7G0K2Qibbox6M5UnRlT1TKxeL4kqokjX_HjOlEkHERxbHI9jhvmATIqlF3UJnu9pQgE0CNjnhAHMnJpkZ8urtbHSjpPxsTC8 https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzIzODEyNDI1OTM1MTY5NDk5NA==&gdpr=&gdpr_consent= https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1	43 B 398 B	53ms 15ms	Image image/gif	2001:678:cb4:bbbb::11 AMOBEE
General Check archive.org Show headers Download Go to Show image Full URL https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Server 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB), Reverse DNS Software / Resource Hash 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 21 Apr 2023 03:26:13 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV" Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAo7MMzpiS8yz_14ao4WtGE&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dpixel cms.quantserve.com/ Frame B662	35 B 463 B	113ms 16ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMoo38pA2OeZMcmq9luMOlU&google_cver=1&google_push=Aer7DvLk7SIvSdbUG4ZdqJ8kgAtzTWs2nuayh8FHRY9ehRU654JazuRih1jlpe2uSz31CidfQhcELcA9giWZYSIxJTd8Vsz3moINC_g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" content-type image/gif cache-control private, no-cache, no-store, proxy-revalidate content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B662 Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cve... https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&goog... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvIgLxL0RFZ8psI-PpNzW5Aa0hCguvUb9YTKVy10P2V...	170 B 232 B	63ms 62ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvIgLxL0RFZ8psI-PpNzW5Aa0hCguvUb9YTKVy10P2VTbSGbHNkU0KLR3oNpnaP-qDuOiduQPBbbPcAb3MG5w7PKKGUIcAWnG1w Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 Apr 2023 03:26:14 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0bdcd692e53b93ca1@eu-central-1a@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvIgLxL0RFZ8psI-PpNzW5Aa0hCguvUb9YTKVy10P2VTbSGbHNkU0KLR3oNpnaP-qDuOiduQPBbbPcAb3MG5w7PKKGUIcAWnG1w Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B662 Redirect Chain https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEPT3FUf0K1WBmfzjmB8elno&google_cver=1&google_push=Aer7DvJM7_6FPgo2gNwxJ-t8q2mDj64VKCmt6ms09v102-7cvCUTsdUGav8-yuREq5SAcIOahcvg7Jg1bNxa_9Sm... https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJM7_6FPgo2gNwxJ-t8q2mDj64VKCmt6ms09v102-7cvCUTsdUGav8-yuREq5SAcIOahcvg7Jg1bNxa_9SmA75ioQS9Lep8MA	170 B 232 B	50ms 49ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJM7_6FPgo2gNwxJ-t8q2mDj64VKCmt6ms09v102-7cvCUTsdUGav8-yuREq5SAcIOahcvg7Jg1bNxa_9SmA75ioQS9Lep8MA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 21 Apr 2023 03:26:14 GMT Server MT3 830 785530e master zrh-pixel-x26 config_version:"unknown" Content-Type image/gif Access-Control-Allow-Origin * location https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJM7_6FPgo2gNwxJ-t8q2mDj64VKCmt6ms09v102-7cvCUTsdUGav8-yuREq5SAcIOahcvg7Jg1bNxa_9SmA75ioQS9Lep8MA P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Fri, 21 Apr 2023 03:26:13 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B662 Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENKAnJrIUb4zINNrTge7FIY&google_cver=1&google_push=Aer7DvLN7S6VaYQkJSsjxDjN7Qta1J0UfowJZgoye3xctpOUbFUOg-RVxGcA2umbBnTRcSl4UYyYckSxWYi... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLN7S6VaYQkJSsjxDjN7Qta1J0UfowJZgoye3xctpOUbFUOg-RVxGcA2umbBnTRcSl4UYyYckSxWYij7dMKgmB2pvFvojJ9Ow&google_hm=e0GHkbAbTcSMM82JEm...	170 B 232 B	49ms 48ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLN7S6VaYQkJSsjxDjN7Qta1J0UfowJZgoye3xctpOUbFUOg-RVxGcA2umbBnTRcSl4UYyYckSxWYij7dMKgmB2pvFvojJ9Ow&google_hm=e0GHkbAbTcSMM82JEmyS77g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvLN7S6VaYQkJSsjxDjN7Qta1J0UfowJZgoye3xctpOUbFUOg-RVxGcA2umbBnTRcSl4UYyYckSxWYij7dMKgmB2pvFvojJ9Ow&google_hm=e0GHkbAbTcSMM82JEmyS77g content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame B662 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEBkmyt90Lmu51vnm-YeF_0k&google_cver=1&google_push=Aer7DvICfEAFKht2cSLazgHsozDQWfP5x02jciS2aX8dYt7y2G0HcruXvUNGh8l0RVO5xsVnlqrp_gokmyMk9G-d... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvICfEAFKht2cSLazgHsozDQWfP5x02jciS2aX8dYt7y2G0HcruXvUNGh8l0RVO5xsVnlqrp_gokmyMk9G-dNc2MUjUllF7VKg	170 B 232 B	46ms 46ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvICfEAFKht2cSLazgHsozDQWfP5x02jciS2aX8dYt7y2G0HcruXvUNGh8l0RVO5xsVnlqrp_gokmyMk9G-dNc2MUjUllF7VKg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 03:26:14 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvICfEAFKht2cSLazgHsozDQWfP5x02jciS2aX8dYt7y2G0HcruXvUNGh8l0RVO5xsVnlqrp_gokmyMk9G-dNc2MUjUllF7VKg x-host tde-deliveryengine-production-64c8469d98-wq4xg alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame B662 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMSVjRYRdw2HpUYk0nJRaJc&google_cver=1&google_push=Aer7DvKNBD8lhVSszs5PPrmpc-ojC-DPAE5z2Ww94RXR8Pcbw8e7P4TAz2ENCUZJHszPAoWnXj4B2jgF-E-HdRYSEeMvSnR... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKNBD8lhVSszs5PPrmpc-ojC-DPAE5z2Ww94RXR8Pcbw8e7P4TAz2ENCUZJHszPAoWnXj4B2jgF-E-HdRYSEeMvSnR2bIb8oFI&google_hm=eS1ianVYZXBkRTJwRkF...	170 B 232 B	47ms 46ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKNBD8lhVSszs5PPrmpc-ojC-DPAE5z2Ww94RXR8Pcbw8e7P4TAz2ENCUZJHszPAoWnXj4B2jgF-E-HdRYSEeMvSnR2bIb8oFI&google_hm=eS1ianVYZXBkRTJwRkF3b1AwVHBRRDA3Vzd0RU1aQ0pic35B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKNBD8lhVSszs5PPrmpc-ojC-DPAE5z2Ww94RXR8Pcbw8e7P4TAz2ENCUZJHszPAoWnXj4B2jgF-E-HdRYSEeMvSnR2bIb8oFI&google_hm=eS1ianVYZXBkRTJwRkF3b1AwVHBRRDA3Vzd0RU1aQ0pic35B content-length 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame B662	0 139 B	140ms 43ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_hmbSpGz9YiGExu2Ii6q3NHlmTPqk1R6c3YM9MkdV9LHWASXV0eNRxcjN6xS0Yny7VxYi Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET DATA	200 OK	truncated / Frame 8B93	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 94c6a7b148b5b98d0bcbd980c63995efecdcd6a24ffca1d3b0dad6f998f072c5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6F8E Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	51ms 50ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT expires Fri, 21 Apr 2023 03:26:14 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 3E0B	209 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c8a0f148115d2438d8c5518456938382bb1737f68ce91f772cf4981c8c7a3f04 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Content-Type image/png
GET H2	200	adchoices_default.png static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame F749	3 KB 4 KB	77ms 22ms	Image image/png	2606:4700:20::ac43:444e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1181 x-guploader-uploadid ADPycdvJhDJKYvZsIp2Ww11hat0iiHw4veAZ8QUgXnw1zmWoUR8ONKiLLXvBdZlNPXUFpHAd-HCAS3GxW2yrg_0_0UFqZA x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3262 last-modified Tue, 21 Jun 2022 12:31:17 GMT server cloudflare etag "794c84d30e213ec6a144d64215f07551" vary Accept-Encoding x-goog-generation 1655814677405990 content-type image/png content-language en x-goog-hash crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ== cache-control public, max-age=7200 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QcaOKedZFWc9HNlW0pzIHcqHGFBaHct1%2BB42wB8CJ93mzCAT7JgXkwzH1Pa7SdG3UTyGlxEhF6of3vnk4tKmlmyP%2FlefB5GSb1WeA4gjEASaXMejCgMXdysNMvzalKl%2FZ%2BHdwpubICGSDLlZK9p1UyAG"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 3262 accept-ranges bytes cf-ray 7bb2863b3a45bb5b-FRA expires Fri, 21 Apr 2023 04:06:33 GMT
GET H3	200	frame.html Show response ad4m.at/ Frame 1879	2 KB 1 KB	20ms 17ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 58824 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control public, max-age=3600 cf-cache-status HIT cf-ray 7bb2863b0b0a9bfa-FRA content-encoding br content-language en content-type text/html; charset=utf-8 date Fri, 21 Apr 2023 03:26:14 GMT expires Thu, 30 Mar 2023 21:56:13 GMT last-modified Thu, 25 Aug 2022 14:12:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7IFypv%2B6XR%2BGZDwGyxCwN%2BAmrtuVYYCswqiYOLD80f8sNWOX9YTwEYV4R4uWxUXkJS7T%2B%2FY5pnbmf9GCgRiEbc71cwBJiiP2iQYvvBLzk%2FGD54pYTNTYD5Q%2BQA7RTydUiwAxe0%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response pagead2.googlesyndication.com/bg/ Frame 21C5	36 KB 14 KB	38ms 38ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 06:46:42 GMT content-encoding br x-content-type-options nosniff age 247172 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14219 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Apr 2024 06:46:42 GMT
POST H2	204	csi csi.gstatic.com/ Frame C453	0 225 B	68ms 18ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lgpzp2u3&c=4951625908278&slotId=2475812954139&qqid=CJThpMCDuv4CFRfQdwodNHcJQw&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/1ba75d3cdd2ac554b0602e2cb4c3eedf.js?tag=gpa/dynamic_fig_web_banner_v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 27AD Redirect Chain https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMoo38pA2OeZMcmq9luMOlU&google_cver=1&google_push=Aer7DvKm4wioeZAhjM5zHyJb3zgeCk4PeZ64kxuUxRSnfzdGirIFDzoOPX... https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvKm4wioeZAhjM5zHyJb3zgeCk4PeZ64kxuUxRSnfzdGirIFDzoOPXFGe99XrmlTm0DLb3nd3vgCUZgmvLp-MFXT217xn1-f_tHb&google_hm=4JzQBsXK...	170 B 188 B	67ms 61ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvKm4wioeZAhjM5zHyJb3zgeCk4PeZ64kxuUxRSnfzdGirIFDzoOPXFGe99XrmlTm0DLb3nd3vgCUZgmvLp-MFXT217xn1-f_tHb&google_hm=4JzQBsXK8J3ka_PNxXc-HQ Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=Aer7DvKm4wioeZAhjM5zHyJb3zgeCk4PeZ64kxuUxRSnfzdGirIFDzoOPXFGe99XrmlTm0DLb3nd3vgCUZgmvLp-MFXT217xn1-f_tHb&google_hm=4JzQBsXK8J3ka_PNxXc-HQ pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT cache-control private, no-cache, no-store, proxy-revalidate strict-transport-security max-age=86400 content-length 0 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 27AD Redirect Chain https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cve... https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvLpv5lSqzaRS52HFvFvWghEwrgK4cpVMX0oQWFz6_k...	170 B 188 B	69ms 63ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvLpv5lSqzaRS52HFvFvWghEwrgK4cpVMX0oQWFz6_kl5oHOIF63Nzh__-33CkSpStG8eWRRAOWUPJsHEAWpyeRcjWwh26THQA8l Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 Apr 2023 03:26:14 GMT Strict-Transport-Security max-age=2592000; includeSubDomains Server PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-0a06c616171ab44f5@eu-central-1b@dxedge-app-eu-central-1-prod-asg Location https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZERpRjB6ZncxUFBIcEE1&google_gid=CAESEKrdRy9UjixmFxdmxlKyIEY&google_cver=1&google_push=Aer7DvLpv5lSqzaRS52HFvFvWghEwrgK4cpVMX0oQWFz6_kl5oHOIF63Nzh__-33CkSpStG8eWRRAOWUPJsHEAWpyeRcjWwh26THQA8l Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame 27AD Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLG... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcys...	43 B 395 B	748ms 689ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bb2863e8a659b7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 585 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvLAV1A8NGgZav_O2FcpwosFCffKSW9d9GOiVmN7wb5e184KNGO27cujdAWYeZohCfWLGi96Jx6pAPxWJRS0JeuhF5kGcysLGNE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bb2863cf9339b7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 27AD Redirect Chain https://um.simpli.fi/gp_match?google_gid=CAESEIVXjygQykzLCxLIMlixFDA&google_cver=1&google_push=Aer7DvJNG-C46HlbTX4jfz43vIzJvNnVKyiUQmwq87lp65WfWFN6U-jm1fIObvw_GUbdd9DpGaXYKAmB4MkV9wRCaUfmQ0N5ql8Hs_AE https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8A6729D71D54AA5B43C82E54A4C02E9&google_push=Aer7DvJNG-C46HlbTX4jfz43vIzJvNnVKyiUQmwq87lp65WfWFN6U-jm1fIObvw_GUbdd9DpGaXYKAmB4MkV9wR...	170 B 188 B	46ms 45ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8A6729D71D54AA5B43C82E54A4C02E9&google_push=Aer7DvJNG-C46HlbTX4jfz43vIzJvNnVKyiUQmwq87lp65WfWFN6U-jm1fIObvw_GUbdd9DpGaXYKAmB4MkV9wRCaUfmQ0N5ql8Hs_AE Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D8A6729D71D54AA5B43C82E54A4C02E9&google_push=Aer7DvJNG-C46HlbTX4jfz43vIzJvNnVKyiUQmwq87lp65WfWFN6U-jm1fIObvw_GUbdd9DpGaXYKAmB4MkV9wRCaUfmQ0N5ql8Hs_AE access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Thu, 20 Apr 2023 03:26:14 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 27AD Redirect Chain https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENKAnJrIUb4zINNrTge7FIY&google_cver=1&google_push=Aer7DvL3vcy-3BjKh088t5uGj8N9Vz1Qp6264uHY_VVq5GvC18pub5v32_eAgqTRc-WmCpzGuLA6qaGOP97... https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvL3vcy-3BjKh088t5uGj8N9Vz1Qp6264uHY_VVq5GvC18pub5v32_eAgqTRc-WmCpzGuLA6qaGOP97zrWNbBoPWXiWyJuh5t32u&google_hm=e0GHkbAbTcSMM82J...	170 B 188 B	46ms 45ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvL3vcy-3BjKh088t5uGj8N9Vz1Qp6264uHY_VVq5GvC18pub5v32_eAgqTRc-WmCpzGuLA6qaGOP97zrWNbBoPWXiWyJuh5t32u&google_hm=e0GHkbAbTcSMM82JEmyS77g Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT via 1.1 google server Apache-Coyote/1.1 p3p CP="NOI DSP COR NID CUR OUR NOR" status 302 location https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=Aer7DvL3vcy-3BjKh088t5uGj8N9Vz1Qp6264uHY_VVq5GvC18pub5v32_eAgqTRc-WmCpzGuLA6qaGOP97zrWNbBoPWXiWyJuh5t32u&google_hm=e0GHkbAbTcSMM82JEmyS77g content-type text/html;charset=UTF-8 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 27AD Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfStaDb5... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfS... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3ODg5NzcwNzMyMjI0MzU5OQ&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfStaD...	170 B 188 B	61ms 54ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3ODg5NzcwNzMyMjI0MzU5OQ&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfStaDb5qGYp87abWYndcViyMWlSCO4c Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTA3ODg5NzcwNzMyMjI0MzU5OQ&google_push=Aer7DvJ3-d_tEtH6qsPIk2SXP8RLcYlaO0ZFI43qM5v2kzIAsfey3p-7vrjuSvSnfyO3S6oWbfStaDb5qGYp87abWYndcViyMWlSCO4c access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 27AD Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_push=Ae... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_hm=ZEICVtBPdtU5EneKbn-26wAADRQAAAAB&google_nid=index&google_push=Aer7DvJ-joo1FEn4IF-T3pf3iWKDr3-BQTrfT...	170 B 188 B	56ms 55ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_hm=ZEICVtBPdtU5EneKbn-26wAADRQAAAAB&google_nid=index&google_push=Aer7DvJ-joo1FEn4IF-T3pf3iWKDr3-BQTrfTHChYW8xHmY56w2cBmK8uoSllzyuUTeN0QdJtuq8GLJQKssJMJmi85u0Df4zuRjLPUhq Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 21 Apr 2023 03:26:14 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGbxOcOaO9oYbdy9EO-mxKQ&google_hm=ZEICVtBPdtU5EneKbn-26wAADRQAAAAB&google_nid=index&google_push=Aer7DvJ-joo1FEn4IF-T3pf3iWKDr3-BQTrfTHChYW8xHmY56w2cBmK8uoSllzyuUTeN0QdJtuq8GLJQKssJMJmi85u0Df4zuRjLPUhq Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 0 Expires 0
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame 27AD	0 12 B	51ms 48ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Ir1XGFe1PAp6s1IGqDiz3fbzmktKB7JkOi_VvWkPGz8h8GmmW1jRkZxJ7fppfPnpRtZ-mN Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame C0F6 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	63ms 61ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT expires Fri, 21 Apr 2023 03:26:14 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 2AB8 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	50ms 46ms	Document text/html	2a00:1450:4001:810::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT expires Fri, 21 Apr 2023 03:26:14 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:14 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	206	videoplayback r5---sn-5hnednss.gvt1.com/ Frame C453 Redirect Chain https://redirector.gvt1.com/videoplayback?id=88fe82f39e55ed14&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1682054772&sparams=ip,ipbits,expire,id,... https://r5---sn-5hnednss.gvt1.com/videoplayback?id=88fe82f39e55ed14&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682054772&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...	1 MB 1 MB	228ms 136ms	Media video/mp4	2a00:1450:400e:1b::a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r5---sn-5hnednss.gvt1.com/videoplayback?id=88fe82f39e55ed14&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682054772&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4B3A1A7D817253D8594660FDD0B4F2BFD5ABC510.46CF2B1D75E6EA9700E1EB2E85044870CF078288&key=cms1&cms_redirect=yes&mh=Io&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hnednss&ms=nvh&mt=1682047176&mv=u&mvi=5&pl=48 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Server 2a00:1450:400e:1b::a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash 0a34dbb304c30c07c4fd8de667846eadaa5b3e25c784b99e6db332d3cca8b343 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers client-protocol quic date Fri, 21 Apr 2023 03:26:15 GMT x-content-type-options nosniff last-modified Sun, 16 Apr 2023 20:54:33 GMT server gvs 1.0 vary Origin content-type video/mp4 Content-Range bytes 0-1349747/1349748 cache-control private, max-age=6897 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 1349748 expires Fri, 21 Apr 2023 03:26:15 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT x-content-type-options nosniff server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 location https://r5---sn-5hnednss.gvt1.com/videoplayback?id=88fe82f39e55ed14&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1682054772&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=4B3A1A7D817253D8594660FDD0B4F2BFD5ABC510.46CF2B1D75E6EA9700E1EB2E85044870CF078288&key=cms1&cms_redirect=yes&mh=Io&mip=2a03:1b20:6:f011::6e&mm=28&mn=sn-5hnednss&ms=nvh&mt=1682047176&mv=u&mvi=5&pl=48 cache-control no-cache, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 707 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response pagead2.googlesyndication.com/bg/ Frame 794B	36 KB 14 KB	42ms 35ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=2394730556&pi=t.aa~a.1259055193~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1717&idt=2&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280%2C313x250&nras=6&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=4561&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=oThMqoEB4w&p=https%3A//www.firmasec.com&dtd=56 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 06:46:42 GMT content-encoding br x-content-type-options nosniff age 247172 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14219 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Apr 2024 06:46:42 GMT
GET H3	200	CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response pagead2.googlesyndication.com/bg/ Frame C675	36 KB 14 KB	43ms 37ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=280&adk=1166757697&adf=1123912271&pi=t.aa~a.1082735456~rp.4&w=373&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=373x280&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=2&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280&nras=4&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=3239&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=1wH98IpilB&p=https%3A//www.firmasec.com&dtd=34 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 06:46:42 GMT content-encoding br x-content-type-options nosniff age 247172 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14219 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Apr 2024 06:46:42 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 4EFD	42 B 64 B	161ms 75ms	Fetch image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCC02sgwRRJP9ZznuZPCUCPUdP2Az8Ons-j1wibpKXvmIB_Ra1H4hUTjzq3M4lPSq1i6fA6bJa7zYhLCOk5hn75gCzwcwSyUNpcfK8vUoJrl9YQLg-EJTcVJmNAfVabfjhUVJ9bw&sai=AMfl-YT8M_GxpeteAClkAIOFftMs_TVqL6_VWZ_qJEy3Rv2y39lN9-91kfZaRehIyeHKrruvpYE-uNen981q&sig=Cg0ArKJSzPJlJJJHf86OEAE&cid=CAQSGwBygQiD0Jpf_gy0O0bmYp6PezmRa4ClREga9xgB&id=lidar2&mcvt=1055&p=0,0,280,1200&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4144480424&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682047572258&rpt=1207&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i.match s.tribalfusion.com/z/ Frame BB50 Redirect Chain https://a.tribalfusion.com/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7I... https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV...	43 B 441 B	150ms 150ms	Image image/gif	2606:4700::6812:19ad CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Server 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status DYNAMIC x-function 302 server cloudflare content-type image/gif; charset=utf-8 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bb2863fdb719b7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT cf-cache-status DYNAMIC x-function 206 server cloudflare x-reuse-index 519 content-type text/html location https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFrN3rLN9sKLaXr7pCDnw_w&google_cver=1&google_push=Aer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAer7DvIuylREnrpMKua_tvt_P-whO0qYjD6GuHYYQgjb_xBH2pT3dy2hyIcuEblmuMLnqxLGRpJUwnL_wmWFxysD1Wli2F6vLoV7Igs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 p3p CP="NOI DEVo TAIa OUR BUS" cache-control no-cache, private cf-ray 7bb2863d295c9b7d-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	google match.adsrvr.org/track/cmf/ Frame BB50	70 B 265 B	115ms 29ms	Image image/gif	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/google?google_gid=CAESELKVSO4yrMOIhKwaUXOPso0&google_cver=1&google_push=Aer7DvI8H4rZhA7Vu-QbQywVdtRh-bkZS0KGpXagWkVl2i9R7_6ajxjFNECnoBq4yMK2R5yOej0KsAIpMAPdJwSkB19s6EUTy0vjfssr Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H3	200	pixel cm.g.doubleclick.net/ Frame BB50 Redirect Chain https://ads.travelaudience.com/google_pixel?google_gid=CAESEBkmyt90Lmu51vnm-YeF_0k&google_cver=1&google_push=Aer7DvIzM3Y_uJEBQiNRlR6JJffcxGHBtbmtJXJGjxoP-O1NCbQUAkRrEplYHxSdhKZmrbrqJkXNFT4n6_1B7FL6... https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvIzM3Y_uJEBQiNRlR6JJffcxGHBtbmtJXJGjxoP-O1NCbQUAkRrEplYHxSdhKZmrbrqJkXNFT4n6_1B7FL6g9CkWXhZkFKIkq3L	170 B 188 B	51ms 51ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvIzM3Y_uJEBQiNRlR6JJffcxGHBtbmtJXJGjxoP-O1NCbQUAkRrEplYHxSdhKZmrbrqJkXNFT4n6_1B7FL6g9CkWXhZkFKIkq3L Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 03:26:14 GMT via 1.1 google x-engine-version 0.0.0 server nginx/1.21.6 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC" location https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=bbw37khwS1KxqrEmFKSR8g2&google_push=Aer7DvIzM3Y_uJEBQiNRlR6JJffcxGHBtbmtJXJGjxoP-O1NCbQUAkRrEplYHxSdhKZmrbrqJkXNFT4n6_1B7FL6g9CkWXhZkFKIkq3L x-host tde-deliveryengine-production-64c8469d98-m45x5 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame BB50 Redirect Chain https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBXggUtJR39w4-QwYcZR6Zk&google_cver=1&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK43K2L1T... https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBXggUtJR39w4-QwYcZR6Zk&google_cver=1&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK4... https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle https://x.bidswitch.net/sync?dsp_id=59&user_id=d8eca6d5-f81e-449b-8b2b-d6241a679b53&ssp=google https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK43K2L1TTtm3fOvZycHa&google_hm=D5oYvtpSRXKeX6u2OxO...	170 B 188 B	50ms 46ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK43K2L1TTtm3fOvZycHa&google_hm=D5oYvtpSRXKeX6u2OxOGCA== Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:15 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJEQVVdob0KDnswXh8qG_HAriG7nrkKmWaeP7U1mJm7fCzDJMpUdAxdqAz4ld4JohlYvv2AxkMguhocK43K2L1TTtm3fOvZycHa&google_hm=D5oYvtpSRXKeX6u2OxOGCA== date Fri, 21 Apr 2023 03:26:15 GMT cache-control no-cache, no-store, must-revalidate content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame BB50 Redirect Chain https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMSVjRYRdw2HpUYk0nJRaJc&google_cver=1&google_push=Aer7DvIOHIcecjXOyEM0eAsSEvGx7XIM7zij3BBI7Q8f2VxzkpLMPdKXbWTjX7xQ7CeqT77NN6zgVYYS0jCIEVa_pNyZLLS... https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIOHIcecjXOyEM0eAsSEvGx7XIM7zij3BBI7Q8f2VxzkpLMPdKXbWTjX7xQ7CeqT77NN6zgVYYS0jCIEVa_pNyZLLSNIXXR994k&google_hm=eS1ianVYZXBkRTJwRk...	170 B 188 B	50ms 50ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIOHIcecjXOyEM0eAsSEvGx7XIM7zij3BBI7Q8f2VxzkpLMPdKXbWTjX7xQ7CeqT77NN6zgVYYS0jCIEVa_pNyZLLSNIXXR994k&google_hm=eS1ianVYZXBkRTJwRkF3b1AwVHBRRDA3Vzd0RU1aQ0pic35B Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvIOHIcecjXOyEM0eAsSEvGx7XIM7zij3BBI7Q8f2VxzkpLMPdKXbWTjX7xQ7CeqT77NN6zgVYYS0jCIEVa_pNyZLLSNIXXR994k&google_hm=eS1ianVYZXBkRTJwRkF3b1AwVHBRRDA3Vzd0RU1aQ0pic35B content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame BB50 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggGJaJhC... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESECdDTcriaynJn5wwcBqTdxM&google_cver=1&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggG... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNjM1ODA0NjcxMDI1MzI4OQ&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggGJaJ...	170 B 188 B	59ms 52ms	Image image/png	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNjM1ODA0NjcxMDI1MzI4OQ&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggGJaJhC1rg2phQYxFdcMaKgXiPa-CjG Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H3 Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzAzNjM1ODA0NjcxMDI1MzI4OQ&google_push=Aer7DvK2rh62uS3CHhpqLCNPwzFFbfOXqvJA4swxFh4V5px8W61cPe44wHeTTQ5lCOZDeBanggGJaJhC1rg2phQYxFdcMaKgXiPa-CjG access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	report sync.teads.tv/um/ Frame BB50 Redirect Chain https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEM151-fCxEFoWRKdfA2_dOA&... https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvLkEz1uMtwjuUYAMcE_T9KMiYKAfRp1g2I5aCNOOVeZRHZ6EagiOH-P0dIJ4-R8r3_LDgbCVJ9NiZjOQS8ZZJEoRDBff_8cPRpUuQ https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab	23 B 172 B	31ms 31ms	Image image/gif	104.111.217.42 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab Requested by Host: www.firmasec.com URL: https://www.firmasec.com/ Protocol H2 Server 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-217-42.deploy.static.akamaitechnologies.com Software akka-http/10.2.10 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Fri, 21 Apr 2023 03:26:15 GMT pragma no-cache date Fri, 21 Apr 2023 03:26:15 GMT cache-control max-age=0, no-cache, no-store server akka-http/10.2.10 content-length 23 content-type image/gif Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 260 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	attr cm.g.doubleclick.net/pixel/ Frame BB50	0 12 B	61ms 58ms	Image text/html	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kvzfx0b-3QxRh5fXh6xDXFZeyp-2br8cIcXLMovoIFh_HmuU_cm1o4hlhEOkXayx2ws7JFGw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:14 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response pagead2.googlesyndication.com/bg/ Frame 22F6	36 KB 14 KB	38ms 35ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7403327254807716&output=html&h=250&adk=1455411326&adf=3291041699&pi=t.aa~a.1259045259~rp.4&w=313&fwrn=4&fwrnh=100&lmt=1682047573&rafmt=1&to=qs&pwprc=3732620310&format=313x250&url=https%3A%2F%2Fwww.firmasec.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682047573066&bpp=1&bdt=1716&idt=-M&shv=r20230418&mjsv=m202304110102&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd5bf94a9a783d80b-227c0c2a9fdd001f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MYZPNtzsT6Yhmg03jopYK6dzlW7SQ&gpic=UID%3D00000bedf15d7e4f%3AT%3D1682047572%3ART%3D1682047572%3AS%3DALNI_MY3nY2oumkbWDhJ0CE5h_yMIHWWlw&prev_fmts=0x0%2C1200x280%2C373x280%2C373x280&nras=5&correlator=7399202642507&frm=20&pv=1&ga_vid=1099387567.1682047572&ga_sid=1682047572&ga_hid=1137137166&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1047&ady=3841&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074010&oid=2&pvsid=2192333139131729&tmod=1284760563&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=Jq1tGrrtOg&p=https%3A//www.firmasec.com&dtd=47 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 06:46:42 GMT content-encoding br x-content-type-options nosniff age 247173 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14219 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Apr 2024 06:46:42 GMT
POST H/1.1	204 No Content	collect Show response y.clarity.ms/	0 296 B	92ms 92ms	XHR text/plain	104.211.35.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://y.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.6/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.firmasec.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.firmasec.com Date Fri, 21 Apr 2023 03:26:15 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
POST H3	200	rs Show response ad4m.at/ Frame F749	1 KB 2 KB	38ms 35ms	XHR text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5bf0d4318ffeb6d2bcc63e812ea8887ad4c0a903bf6775703d7d8b965e443d96 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/json Response headers date Fri, 21 Apr 2023 03:26:15 GMT via 1.1 google content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOvb9OaB8Y%2BmsNX%2BXn8b8F3fLFR2IAUZnWV4JJHVU8akODZ%2FwA2ktk7oGmY8QaYSra4ky9qQaT8YJ8ht%2FOJhSVXUVVvkqXmbN8gROmCLJ1Nic5wsKR4VmlVuT0Sfgz109pMiXEM%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true cf-ray 7bb286408cde8fd0-FRA x-backend-server aa-reachservice-group-europe-west1-pvdv alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
OPTIONS H3	200	rs ad4m.at/ Frame	0 0	86ms 75ms	Preflight text/plain	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://as.ad4m.at Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers content-type access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-origin https://as.ad4m.at access-control-max-age 1800 allow HEAD,POST,GET,OPTIONS alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7bb2863ffc8d8fd0-FRA content-length 24 content-type text/plain date Fri, 21 Apr 2023 03:26:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JabcCcBsitEU5AQduOPW0J5%2BG3xxbh6SicYwHnOw%2FxA3sqsBpHjyQkfW7EGMSFixPKlhZmQ%2FqSbF71jV4ijrcxPvnp8iQFJOuWGxT3vwJyp5YxxDl6EF0i28OGrhWX6%2BlmfQzHo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare via 1.1 google x-backend-server aa-reachservice-group-europe-west1-bcvw
GET H3	200	rar Show response as.ad4m.at/ad/ Frame AF1E	11 KB 5 KB	31ms 30ms	Document text/html	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/r62eglto.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 305d5323faac44efa6edd8550bbd76ac5890f50723bfb95ef01e84587c95770e Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1hm7hvczzfy0prqwqv6z3wdyd1mcjzr4mk6xhvd422wweqe7njs3fz99f49a9z4cek2x9t3gff7p9mt06jcx3z7mh1tzbba0b24z5wq8dtzzy4eyxk92825e1arap0b2jbsvkf707rvzmgx5m8vsg7jgktv2tvnzh9wn2wfdefyg7pw0aqegqbhrkpxyvwzvjze04myg85a9cge0b8hwd4azy0zkfpcy3269hqbt9herc3cn72z38zcq3jb36sr0wekgkvswa0n36vn4nr7nz6mnp8xx8801prw9sd12ejteac5hb6fbr4608znhmbxz3mkdpndyf9smcm4ct4mdsqctn5g9z38gg87g5y3b20py8f95g5dqs5hxp351gqy86c1mz420avg816cz7ngzenwpk2z5mj46fm8gjjhxsrvcd65056tf07fey2srpdk60e10vj22kg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%26client%3Dca-pub-7403327254807716%26adurl%3D Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate, proxy-revalidate cf-cache-status DYNAMIC cf-ray 7bb28640cff49bfa-FRA content-encoding br content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' content-type text/html; charset=utf-8 cross-origin-embedder-policy unsafe-none cross-origin-opener-policy unsafe-none cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:15 GMT expires 0 feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} pragma no-cache referrer-policy same-origin report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} server cloudflare strict-transport-security max-age=86400; includeSubDomains; preload surrogate-control no-store vary accept-encoding via 1.1 google x-content-type-options nosniff x-download-options noopen x-xss-protection 1; mode=block
GET H3	200	default.css as.ad4m.at/ad/style/0.1.39/one-ad/ Frame AF1E	94 KB 12 KB	18ms 18ms	Stylesheet text/css	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.39/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 926a4ca073c39c40cabffbf1b0371803f245f084cdb9177fc7b3f9d81c0e394d Request headers accept-language de-DE,de;q=0.9 Referer https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-goog-meta-goog-reserved-file-mtime 1681210094 age 836494 cf-polished origSize=96968 x-guploader-uploadid ADPycdvBbBiAc2P41l3MPJ5-hXFPGXaQa8w7XhcYj92Xp8MLJ9mGx2Nxcd1NoISwl-CtOMwuiwBdZgqbw_DNCnSmQ168J3QFTvKy x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-bgj minify last-modified Tue, 11 Apr 2023 10:48:50 GMT server cloudflare etag W/"6110dc3a24c902508647a582294bcc25" vary Accept-Encoding x-goog-generation 1681210130860508 content-type text/css x-goog-hash crc32c=6qzuyQ==, md5=YRDcOiTJAlCGR6WCKUvMJQ== cache-control public, max-age=3600 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJMzSwOALA2KAKICERB9ARq5ar%2BsKFjSl0GxTHVKsGXmogu7Ni3Ic00cCZFuYS4XkQ42Zk8G6R%2BFONu9zwt2T4q77OVCUE7jQFEeHeOfK7hlUgXZJ%2FMtOJS5eu1N4ZZzddx9i%2FZrgtY%3D"}],"group":"cf-nel","max_age":604800} x-goog-stored-content-length 96968 cf-ray 7bb28641181f9bfa-FRA expires Fri, 21 Apr 2023 04:26:15 GMT
GET H2	200	A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 assets.ad4m.at/logo/ Frame AF1E	2 KB 3 KB	46ms 26ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 694664 cf-polished origFmt=png, origSize=9357 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2330 cf-bgj imgq:85,h2pri last-modified Thu, 08 Apr 2021 14:26:03 GMT server cloudflare etag "8cc161b392f5744da5319a4da549b763" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h0IISHMzYftN%2F1IqzCl0z0k6clopexHv%2BnmTrARtmFBnf1RSU7G4DXtC%2FGwKPeRMnIJQzpLi6CgJ2yAp7aBJY%2FCnDxChfOJMriDnjuLPHk3wGNeZFz9%2BptoUVTAgrJLTA5DpSYDXNYg0hrP"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7bb286413f489bd0-FRA expires Sat, 22 Apr 2023 03:26:15 GMT
GET H2	200	B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C assets.ad4m.at/product_image/ Frame AF1E	339 KB 340 KB	42ms 26ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 42e8de9192dee3b3ee8a7529c5883dac20b868000168362d9f287125c95e18a8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2006675 cf-polished origFmt=png, origSize=563367 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 347098 cf-bgj imgq:85,h2pri last-modified Fri, 09 Apr 2021 07:22:09 GMT server cloudflare etag "ff5ac113643d20bec15acfffe32cb75e" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KXGPi6PIj9EItdCb4ycH1Ng6EoH75GWxn%2BOYINMmOY1BdOXGNUw7Tf%2Fvt%2BRAlaXcQFP%2BCnfYviWdLita8eIlWS9pseFMvJm4RZk5hswkUSXzbKIeXrENsm9M2SGD%2F3c53yeSeSdxF3W6BKb"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7bb286413f449bd0-FRA expires Sat, 22 Apr 2023 03:26:15 GMT
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame AF1E	43 B 702 B	76ms 48ms	Image image/gif	23.56.205.163 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2904924&v=20044&q=415363&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.56.205.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-56-205-163.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Pragma no-cache Date Fri, 21 Apr 2023 03:26:15 GMT Strict-Transport-Security max-age=86400 Node Helix Content-Type image/gif P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Connection keep-alive Content-Length 43 Expires 0
GET H2	200	D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 assets.ad4m.at/logo/ Frame AF1E	53 KB 54 KB	32ms 16ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 296136 cf-polished origFmt=png, origSize=115129 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 54564 cf-bgj imgq:85,h2pri last-modified Tue, 09 Feb 2021 15:11:24 GMT server cloudflare etag "0a277d59efca0369a6983645e273659e" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBZCQQ19zpQOL81SFh5hHNenzT2OaqT%2BsZrplVBvuefEGMywKI5jdhREGddKaqJALCCq7XXzDzaBhNe0vAklRFpu%2FAQiu6Qv2OTidofdFgtt6RiYJDxbc8DAX9k0ISCtnvT0BgfRCeLHR6Hc"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7bb286413f499bd0-FRA expires Sat, 22 Apr 2023 03:26:15 GMT
GET H2	200	0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D assets.ad4m.at/ Frame AF1E	22 KB 23 KB	41ms 26ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2522073 cf-polished qual=85, origFmt=jpeg, origSize=60344 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 22974 cf-bgj imgq:85,h2pri last-modified Wed, 22 Mar 2023 22:20:34 GMT server cloudflare etag "06609266defcd14ec685b2464aeced2e" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0zsyncRWFjdx4a0N%2BoFs%2FR4xYPJFyy7WtOQx61b0kigkx6gIlmnAjTUx9HXNmW2BqKLlfle%2BRrlcv%2Fy7VUbJPe%2BiFvr3Lz40kzy2XfCI17uAFjcNozORGlB8JwRuLZAyOTFkk2owHsvmrPP"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7bb286413f469bd0-FRA expires Sat, 22 Apr 2023 03:26:15 GMT
GET H/1.1	200 OK	/ partner.o2online.de/a/ Frame AF1E Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t... https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CNH148GDuv4CFQ2FgwcdiQIECA;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=... https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=mm_SUBIDTEST_view https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042105261584133024565X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202304...	49 B 1 KB	80ms 33ms	Image image/gif	167.233.13.224 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042105261584133024565X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023042105261584133024565X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol HTTP/1.1 Server 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.224.13.233.167.clients.your-server.de Software nginx/1.14.0 (Ubuntu) / Resource Hash 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Fri, 21 Apr 2023 03:26:15 GMT X-NODEIP 46.4.41.145 Server nginx/1.14.0 (Ubuntu) RM-PrivacyPolicy https://www.nonstoppartner.net/ Content-Type image/gif P3P policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP" Connection keep-alive Keep-Alive timeout=10 Content-Length 49 Redirect headers location https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023042105261584133024565X117703V1226132702MSmm_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023042105261584133024565X117703V1226132702MSmm_SUBIDTEST_view&wfid=117703&partnerid=12218 date Fri, 21 Apr 2023 03:26:15 GMT x-content-type-options nosniff server nginx x-xss-protection 1; mode=block content-type text/html; charset=UTF-8
GET H2	200	C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022 assets.ad4m.at/logo/ Frame AF1E	5 KB 5 KB	30ms 14ms	Image image/webp	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/C3FCB3AB04505A8F1D79D1D5953F5207FE6F49EF4C517E920A79B423A52F9E2DCCD658FDD21E3D8209A640CEE47D02AAD52D272924710EAE6BAB80FD9B483022 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9c63890b7f3f2e513fa085cd7b198f9ab91721a9e8aa7180806ff4aa7b4089a4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 35520 cf-polished origFmt=png, origSize=10283 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 4736 cf-bgj imgq:85,h2pri last-modified Thu, 06 Apr 2023 12:21:02 GMT server cloudflare etag "b90d04a587c2a1ab6749e51d8bb195d1" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8g8VSkt8RcrmhJPQ%2ButLMkiLBCsiLkdbiiLZqF5f7pMGChEKXBPDHH18C%2BToZTcYfr%2BBpBzU3%2BE8yk2TbMDpLWBlUzUH2AqXMsS4M6CMhmOpi3RcBzsExZNPPtu03khWWhh1TG6iiGYU8RR"}],"group":"cf-nel","max_age":604800} content-type image/webp cache-control public, max-age=86400 accept-ranges bytes cf-ray 7bb286413f429bd0-FRA expires Sat, 22 Apr 2023 03:26:15 GMT
GET H2	200	A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 assets.ad4m.at/product_image/ Frame AF1E	91 KB 91 KB	36ms 21ms	Image image/png	2606:4700:20::681a:ad1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3222903b284496abdef15963fa04202511e222f17463bcd9d756e26e1effa08 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 61747 cf-polished origSize=105738, status=vary_header_present alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 92686 cf-bgj imgq:85,h2pri last-modified Mon, 04 Jul 2022 08:55:40 GMT server cloudflare etag "147be38db57f89c69c9e65b05983ff0e" vary X-Goog-Allowed-Resources, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caD1n%2BLjfj%2BMkTq4JxEE0kv2%2BbP47mqe0krN9ddNPDEnQKTQeBUxLWeTC8KhZVxAVXofi1SnrlEvKwhakm2fTUlpy0wTgoT%2FznuyFq3vWm7QBjwDPrIcjgI5kOc6NMVp3UFLV6t%2BK%2FzymINy"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=86400 accept-ranges bytes cf-ray 7bb286413f3f9bd0-FRA expires Sat, 22 Apr 2023 03:26:15 GMT
GET H2	429	link.html track.webgains.com/ Frame AF1E	0 0	113ms 38ms	Script text/html	18.132.51.149 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1k56fe03sjhbxg96n827f3my532zexm1j1vzam880ymw5fea1ky1wcpc1p9k5cc7336vkqn1rntn1386ye3eeanqptq6q8psqwtw30bvjxd9fvtdzv5ds8y7cwx894na8jrpg941sqm76phhmy1e39j255xks0c02nmsy81mat1d28teynr86z4fhh1zkg1hdnywd50hcaa5mbbja9vjsd75v22rhe6y1rjfsd09grae4r9vc4hp0e2g9tvrhq42t48g4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%252526client%25253Dca-pub-7403327254807716%252526adurl%25253D&clickref=oneidWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8Woneid__suite_Netmix_Reach121_BESTPERFORMER&viewref=oneid3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=117569%2C195016%2C197862&b=JMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY%2C51gtXfEfW2GVFpH7HMt3tEE1cYSVTppjSx5gA%2C3qjcpf4fXWQdC7HrHAtEtrQ4XsPSWTKKMsg2Y3&f=G1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M%2CpkDa1fgf9zmRtkH4HmtJCQQBF9SRT88RcwqG4%2CWPefrfdfZbxRaYH5HjtDC8qQ7u3SETVVmU9Q8W&c=300&d=250&e=&g=6c8e5ae69726dc7a6a9e6f3a90952c52%2F10327562314184052399&i=29981%2C20774%2C71725&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1682047575141&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kcbd5ysgtxgt7zc2ze55qjj51ndsaebjakv8snz6383xzcfbfs0dtxffg1ra8v30249rkmgckrt9129rjvq3w80e2vf8yk4mges0rmgwj34vqyss9vfbfsrgfc09jmmepfd2wdkkg52v9c2118pny3063aghcvp3ngmyc4p6rx50yy0xr0nvnw4w06xd4bt6zpf0mecp9x2qxg3p1p4jej0ap146nqb47rjcc18xj5xzth6ccbz0re7fcma9b5b1bbq2kap7bys59p9abw8xkzc%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEpqiVQJCZIyOB8Tb3wOtpLz4BpDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0MDMzMjcyNTQ4MDc3MTbIAQmpArhJv7UzZ7I-qAMBqgTCAU_QztWZlpEw3VzpNQvXrMAuCu3Y5wPF1ytdzSCvvQEoCVgQL75Z5AnunPfvD1ZbF471twWRKjGwMVU6RU2OHWIO-Op0Gl5mJRmCks97COCaNH7JEeGgIKFF-twIzgUZPQOJWYblg0_ZWrgHYPrHcWpCKO6qeFGbL0P26VwcRODP_asdSJVnANk1Yd_AMsrjcjezw6DMGL1FOImTCyNVuMlJgJEFy1OjQdZix9scsh0aRtzzH5yiqFQM9oiaciscS2kwgAa1_JHwlYSy7-IBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_26L8L72G14jB7OIbXKoEYl3WpQWQ%2526client%253Dca-pub-7403327254807716%2526adurl%253D&y=1&s=&z=0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.132.51.149 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-132-51-149.eu-west-2.compute.amazonaws.com Software awselb/2.0 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT server awselb/2.0 content-length 45 content-type text/html
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 8B93	42 B 64 B	74ms 72ms	Fetch image/gif	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUSQ6PIBmVIAjFzd9i-mcShZpNoKayNJwN0Lu8PeMGCSzxfqcL6MVOZr5e24DWPUxXRzhz0EUspaPwmJKyjPAic_ZZ7XZ-yNmRnQJXEk6wWikzePxRqZNqoBBI06BzZA3TgpDlfw&sai=AMfl-YQ_8qkf2fDoYz3wK3MonJrIZYxDU6nxnRqm-K5bhVdJYfofp1UE9hRznksbwCj2fSGjdU0tW9UWBC__&sig=Cg0ArKJSzEXdHl1apZilEAE&cid=CAQSGwBygQiDFxhFFxUaC4Vy4OosMs16L7bBKYDQtRgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=573,1001,1001,1001,1001&tos=573,428,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682047573266&rpt=998&met=mue&wmsd=0&pbe=0&vae=0&spb=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:15 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response pagead2.googlesyndication.com/bg/ Frame 6029	36 KB 14 KB	38ms 36ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 06:46:42 GMT content-encoding br x-content-type-options nosniff age 247173 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14219 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Apr 2024 06:46:42 GMT
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=498AC3FD68064DC99807D93859A97EDF&RedC=c.clarity.ms&MXFR=3BF39F6A1EB269FD3AAB8D901AB26719 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=498AC3FD68064DC99807D93859A97EDF&MUID=24FE074FBFA96ADE033315B5BEC26B4B	42 B 444 B	29ms 28ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=498AC3FD68064DC99807D93859A97EDF&MUID=24FE074FBFA96ADE033315B5BEC26B4B Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:15 GMT last-modified Wed, 19 Apr 2023 15:34:17 GMT server Microsoft-IIS/10.0 etag "f5c05c67d472d91:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Fri, 21 Apr 2023 03:26:15 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: EE5EC1167EEC4480A2C37376CA19056C Ref B: FRAEDGE1522 Ref C: 2023-04-21T03:26:15Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=498AC3FD68064DC99807D93859A97EDF&MUID=24FE074FBFA96ADE033315B5BEC26B4B cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 11 KB	86ms 86ms	XHR application/json	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7229dee0df1347c94de2fe4e6d270f31d3c65dfb21f1cb1d4223f558b02d3d52 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11369 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	306ms 306ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304110102/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7403327254807716&plah=www.firmasec.com&bust=31074010 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 21 Apr 2023 03:26:15 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3360	13 KB 5 KB	38ms 37ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 17657 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 20 Apr 2023 22:31:59 GMT expires Fri, 19 Apr 2024 22:31:59 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame F849	783 B 535 B	54ms 45ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash d97894bdd499893b2bb44476991368d4e3edf1b1d788bcbe096d9ba4eaa73794 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-IIVmCKnPv_hgJOjhNYXUAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.firmasec.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-IIVmCKnPv_hgJOjhNYXUAg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 21 Apr 2023 03:26:16 GMT expires Fri, 21 Apr 2023 03:26:16 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response pagead2.googlesyndication.com/bg/ Frame 3360	36 KB 14 KB	36ms 35ms	Script text/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Tue, 18 Apr 2023 06:46:42 GMT content-encoding br x-content-type-options nosniff age 247174 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14219 x-xss-protection 0 last-modified Mon, 17 Apr 2023 14:08:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 17 Apr 2024 06:46:42 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame F849	0 0	70ms 69ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=2192333139131729&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 3360	0 11 B	39ms 38ms	Image text/plain	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?m9Spyw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Fri, 21 Apr 2023 03:26:16 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
POST H2	204	csi csi.gstatic.com/ Frame C453	0 54 B	26ms 25ms	Ping image/gif	2001:4860:4802:32::3 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lgpzp2ud&c=4951625908278&slotId=2475812954139&qqid=CJThpMCDuv4CFRfQdwodNHcJQw&umsem=0&ple=1&ape=1 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/1ba75d3cdd2ac554b0602e2cb4c3eedf.js?tag=gpa/dynamic_fig_web_banner_v2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Fri, 21 Apr 2023 03:26:16 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	72ms 71ms	Image text/html	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=2192333139131729&bg=!1tWl1YHNAAYfNdXmPzU7ADkAdvg8WqW3JvowGeO-G6zHpZiii7LeuhHoJadMGv8KJ1xpR3uFqiN-lWEmhV_JyVz8ogEEKfPcpdgCAAAAi1IAAAAEaAEHCgCSsU--DEoKv8g51yDPrJRdSdLUFhqg7p6QLA54YXaNdfI1LSK4iMAt6zcJOPBzxppXtoy6w6zVMHP2-S5nPY9BzY25YDHV8uKYcKVGmgiRjhZr4Bq00zO_rhPkAirTIlYw5PkcrNaciMshSaIyYwwSjYI-UeeYEKVD6pVRqwtDXhW9jsLyjmcWYHdWPBetFh0TLJGZAudK2-CAtkSBKka5YTgh36KwdUWhCMt5y2CH9EykNckQwdq_Rlw9792gS8PKZV11AaIH9QubTcvd_VpP6sAejExCH0u5-dqIP4vtbcheufP3JFz9x0VzXuCLNT0_bhwq9bVLgjoF8HJN-2xzeRN4WKF18Abrr54XLOwe6QFqdRacqmYH7MoIxP0hFXo5uo6QpTno4Gku9Q_eobiX1eTHBlmyrA5ZY0NZ5MLVDFKJa5kyFquz19U5NIiZ8aGK64woyS9GkQeJhvU-6zWjgeiC2UN6vBwgvF20MGwhgVmEyiKgPqKcO5ET0Op8MEzligxn4b6AQ5Tg1q2-vK6XIeVYTTLlDLgL9AlVl1NfPTJaKajwHNnhMfhEgBGaFk0kzDrQh5PCW7ZCe1jQDQSR8ss5RtviFiqMokeOlP_B1uI7lNTMV2_fSifitoI1xEk6jJals0zPwZSmNYLGDVVC_DAOgquPbT0KjlOsx6WNZON67tFS7l_JIWYIBKtKQp2VQW7kyRbxweKy_2RltgOvhIR4wSljFB_yvMPkwGseS8vNjBPz5IBVVeTn1_CrtHFgRrU2BxmMTTOYFsvncH-L19XzjrqKhWjBCn0bI3JgbvB1NWvzcRIgQtDGjCOSe2FxiVtZW-ECw1YWqbkFAmLFLh_wRasZ-BUUkaqK9Ndod_RnMW1qhNRCNqZuxwun-4vgwA8sMAk87s3d09Lz8rPS84Gexf7EvV57LkXyq97SuRFU8h_c6VZ-iLavQ2WExb-w3YQdgpRc4hy5Ee4UqjsZgtYDGbShxq9tdwzCe9QPPe0SQ2s04EbtHczV5S-wGkJFzIjg4DSXnL7lv924I9iji-1Rd8axweHmOIeKkJS3iC7AlEfDOERdsmDUwPta9waLXJ9OazP5MKOnOHo2eWipWJnfEpOeIK_1Hd5khQB3WyHoRAxfZxk-ayDZptodiwo82j-vX3_I3Zm2Lw4XTmgITcCfu3nuCkVH4_nEaA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.firmasec.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers
POST H/1.1	204 No Content	collect Show response y.clarity.ms/	0 296 B	91ms 91ms	XHR text/plain	104.211.35.148 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://y.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.6/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.211.35.148 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://www.firmasec.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Access-Control-Allow-Origin https://www.firmasec.com Date Fri, 21 Apr 2023 03:26:18 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0