urlscan.io logo urlscan.io
SecurityTrails logo

192-168-1-1ip.biz Open in urlscan Pro
104.21.2.152  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.routerlogin.cloud/
Effective URL: https://192-168-1-1ip.biz/
Submission: On September 11 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 112 HTTP transactions. The main IP is 104.21.2.152, located in and belongs to CLOUDFLARENET, US. The main domain is 192-168-1-1ip.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.
This is the only time 192-168-1-1ip.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.178.250 13335 (CLOUDFLAR...)
1 1 104.21.19.118 13335 (CLOUDFLAR...)
1 1 172.67.167.86 13335 (CLOUDFLAR...)
5 104.21.2.152 13335 (CLOUDFLAR...)
15 142.250.176.194 15169 (GOOGLE)
1 64.233.167.95 15169 (GOOGLE)
1 104.21.34.18 13335 (CLOUDFLAR...)
1 151.101.13.229 54113 (FASTLY)
3 9 93.158.134.119 208722 (YNDX)
1 2 154.47.36.144 174 (COGENT-174)
20 74.125.140.155 15169 (GOOGLE)
1 74.125.206.154 15169 (GOOGLE)
2 74.125.140.154 15169 (GOOGLE)
6 108.177.15.156 15169 (GOOGLE)
8 64.233.184.94 15169 (GOOGLE)
3 142.250.13.95 15169 (GOOGLE)
39 74.125.206.132 15169 (GOOGLE)
5 6 142.251.32.100 15169 (GOOGLE)
2 142.250.80.99 15169 (GOOGLE)
112 17
1    172.67.178.250 (United States)

ASN13335 (CLOUDFLARENET, US)
www.routerlogin.cloud
1    104.21.19.118 (None, )

ASN13335 (CLOUDFLARENET, US)
routerlogin.life
1    172.67.167.86 (United States)

ASN13335 (CLOUDFLARENET, US)
19216811.site
5    104.21.2.152 (None, )

ASN13335 (CLOUDFLARENET, US)
192-168-1-1ip.biz
15    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
pagead2.googlesyndication.com
1    64.233.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f95.1e100.net
ajax.googleapis.com
1    104.21.34.18 (None, )

ASN13335 (CLOUDFLARENET, US)
cookieinfoscript.com
1    151.101.13.229 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    93.158.134.119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
PTR: mc.yandex.ru
mc.yandex.ru
2    154.47.36.144 (United States)

ASN174 (COGENT-174, US)
mc.webvisor.org
20    74.125.140.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f155.1e100.net
googleads.g.doubleclick.net
1    74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net
partner.googleadservices.com
2    74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net
adservice.google.com
6    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
www.googletagservices.com
8    64.233.184.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f94.1e100.net
www.gstatic.com
fonts.gstatic.com
3    142.250.13.95 (United States)

ASN15169 (GOOGLE, US)
PTR: we-in-f95.1e100.net
fonts.googleapis.com
39    74.125.206.132 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f132.1e100.net
tpc.googlesyndication.com
6    142.251.32.100 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f4.1e100.net
www.google.com
2    142.250.80.99 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f3.1e100.net
p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com
Domain Requested by
39 tpc.googlesyndication.com googleads.g.doubleclick.net
192-168-1-1ip.biz
tpc.googlesyndication.com
pagead2.googlesyndication.com
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
192-168-1-1ip.biz
googleads.g.doubleclick.net
15 pagead2.googlesyndication.com 192-168-1-1ip.biz
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 mc.yandex.ru 3 redirects 192-168-1-1ip.biz
cdn.jsdelivr.net
6 www.google.com 5 redirects tpc.googlesyndication.com
6 www.gstatic.com googleads.g.doubleclick.net
6 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 192-168-1-1ip.biz 192-168-1-1ip.biz
3 fonts.googleapis.com googleads.g.doubleclick.net
2 p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com pagead2.googlesyndication.com
2 mc.webvisor.org 1 redirects 192-168-1-1ip.biz
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.jsdelivr.net 192-168-1-1ip.biz
1 cookieinfoscript.com 192-168-1-1ip.biz
1 ajax.googleapis.com 192-168-1-1ip.biz
1 19216811.site 1 redirects
1 routerlogin.life 1 redirects
1 www.routerlogin.cloud 1 redirects
112 20

This site contains links to these domains. Also see Links.

Domain
192.168.1.1
192.168.0.1
wikipedia.org
cookieinfoscript.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-23 -
2021-11-15		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-30 -
2022-06-01		 a year crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
mc.webvisor.com
Yandex CA		 2021-08-20 -
2022-02-11		 6 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh

This page contains 22 frames:

Primary Page: https://192-168-1-1ip.biz/
Frame ID: 8FCE019C9C46399DAC4DAB71CD2FD18F
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Frame ID: 6092BDC9D00DAF370D9436F18A5051E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Frame ID: EE653EA0566E094B5C7589739E6D6206
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Frame ID: 923568A4B76364347B58ED8FF0B96B60
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Frame ID: 19E98821822E41253B42B08D2FF43329
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&adk=1812271804&adf=3025194257&lmt=1629061041&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F192-168-1-1ip.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512947&bpp=1&bdt=556&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280%2C240x600&nras=1&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=414
Frame ID: CCE91BC7379E1B343CD3751B30C7CEB4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Frame ID: 3BDACE91C7F53E46BF5E701A2563D8F9
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CDcR8WS49Yej2F4__zAb85bGIBIWXr59k79_t87cOpOfy7ZUCEAEgopm0SmDJBqABtIuBpAPIAQmpAlE8mMf9b6o-qAMByANIqgTVAU_Q249zsh-gvl-tRAMcB6SqwJgu07-fblvFCSylg3cvuFT1h3W2COQgIf_XGXeAXbbAbCO2duh3s54jJlvfdbGkRkLEUs6l_BS2U80xOXrBYGlYIP3g4xhgr_RLZL2lO-MDSiVgBI5nqDngILrNzB2E1iHO-PL8gZoOsa6AiOGg1NZO0D6kyezEpoxeveaew1pIvD_gZ0ZbBBWUwbWgvxg3ZdEHXaJkmxhcPiwW50HhEo-OYGCegYJUDbFnkHR1e69R-8EovEb7BpZyLTrvFuNDk-bfTcAE9oHvqsoDkgUECAQYAZIFBAgFGASgBi6AB7T0_luoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcFEMfBoQLSCAcIgGEQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTg3MDIxMDc3NjU0NjU0MjMYAA&sigh=OCQXyw0omKQ&template_id=419
Frame ID: CB0C755F93818519911C8A3835F0FD0A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C36CD8B60F0D9C364EED177B20BDAA54
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A6D4250166D0FA15C60C23033D8E4E73
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 09BEE9A0E44D10850378DA665C340A6F
Requests: 2 HTTP requests in this frame

Frame: https://p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 7234ED49FB3247B0DB8033BB1E73786C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Frame ID: D46FB9FF92E88E0BCB68D4708288386C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Frame ID: A84769BADF43E5FADD0D1F2CC3D32169
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Frame ID: 3204FD94A64F1DC4E20C98DAA58B44F5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: 4068A3DB9B9D1176093179DE81F6AD52
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 6AF81C3DE47D6D994305CB69978B2E58
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 01B01244665A0087E248661F5455209A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BE47738E1E275A066324EB46AFFD2521
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Frame ID: 0372D422AA48FD234B9D66ADD3F0E4C2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C9A01B46A3A870D2A0CD372E9872FB2E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B35B26B02AB0BB1521E3B48C3BB9C26D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

192.168.1.1 - 192.168.1.1 Login Admin

Page URL History Show full URLs

  1. https://www.routerlogin.cloud/ HTTP 301
    https://routerlogin.life/ HTTP 301
    https://19216811.site/ HTTP 301
    https://192-168-1-1ip.biz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

112
Requests

100 %
HTTPS

0 %
IPv6

15
Domains

20
Subdomains

17
IPs

4
Countries

1244 kB
Transfer

3230 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.routerlogin.cloud/ HTTP 301
    https://routerlogin.life/ HTTP 301
    https://19216811.site/ HTTP 301
    https://192-168-1-1ip.biz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A1431539224280%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A172006340%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Ati%3A2%3Ast%3A1631399513 HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A1431539224280%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A172006340%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Ati%3A2%3Ast%3A1631399513
Request Chain 10
  • https://mc.yandex.ru/watch/52385854?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1576000202758%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A708482596%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631399513%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin HTTP 302
  • https://mc.yandex.ru/watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1576000202758%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A708482596%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631399513%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin
Request Chain 12
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9393.WrT84U3oPwaCjnCmnzJ-curpVuxUl26eJH2INXKmw3WEE0iJQHKOdNlTSk4JCPsi.RXVZm1T4dRxyAlv4C-kWs46CeJw%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9393.nAGCVNLlcr9eX3RMnR7goArRXoRgLJhp2EGR75OKX6DHJ4OXQ3dXgR96yM1MbWQWg0oh4HfHZJjVVQNU1fHQKkQExzBcsJSCKvEjV5M8GiY%2C.0gfbCnGsw8QJrtvPZyflITNEWtQ%2C
Request Chain 55
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 59
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 65
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 93
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 99
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
192-168-1-1ip.biz/
Redirect Chain
  • https://www.routerlogin.cloud/
  • https://routerlogin.life/
  • https://19216811.site/
  • https://192-168-1-1ip.biz/
27 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.2.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af6c5be83e60f66720912d58ce0d120048de1fa2e0635865dcbd3b520ea42a4

Request headers

:method
GET
:authority
192-168-1-1ip.biz
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
content-type
text/html
last-modified
Sun, 15 Aug 2021 20:57:21 GMT
cache-control
max-age=604800
expires
Sat, 18 Sep 2021 22:31:52 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7GkKS%2Bs8IxF3jmhZc4RbNdJ2MjISZTn7G6gAqbVh0DKqDE6Okk7ZMzVJXg%2F2tDYE3987abE7plb7%2Bg41sySWPzZpZI0KssvWmSpdduoDhXeqxSTK2MO%2Fzd4UGTLpheBS5sonw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d459483e9c05b3-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Sat, 11 Sep 2021 22:31:52 GMT
content-type
text/html; charset=UTF-8
location
https://192-168-1-1ip.biz/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9RByrDvAtpWkGbWCjdX96bRDZBnJJa8s2w8U2b9LfHEb9WjmsGjxbHxiRnZHeRlCh1RutKyKgNWXdlC%2FGz%2FF1qL38lII2lHheLfy5dtQgVoy29izer1h%2BZ%2BfJAus7eG"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d459470dbdf9de-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
192-168-1-1ip.biz/css/ 		68 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://192-168-1-1ip.biz/css/style.css
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.2.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db75d162abd392db5a46dbe77d85ecc104286c6792766ae9c0327fb95a481033

Request headers

:path
/css/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
192-168-1-1ip.biz
referer
https://192-168-1-1ip.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2103024
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Wed, 18 Aug 2021 13:05:51 GMT
server
cloudflare
etag
W/"1113d-5c9d517f989c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gfv0A4eJG1j4uaLf2MN686BiUa5JmDRxCdoNjkxcgQdFTku0EWxtoPt1CSpM8KpoiyJ5pIRdoBRKZO5NRZLX%2F85szMszdxArxaZnoLGoLTe8PkvToDtvncTYacX7dEyu3lGQcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
68d459489f2a05b3-FRA
expires
Fri, 17 Sep 2021 14:21:28 GMT
logo.png
192-168-1-1ip.biz/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://192-168-1-1ip.biz/img/logo.png
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.2.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
853241b51a6732b0f482495bf748e64bbcf1468c98c9858f2416d266a0ff02d9

Request headers

:path
/img/logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
192-168-1-1ip.biz
referer
https://192-168-1-1ip.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2103024
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
19405
last-modified
Fri, 15 May 2020 02:50:21 GMT
server
cloudflare
etag
"4bcd-5a5a6dfc5f540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSD7Aue7nGQWFnPXijc62PspUmjZJpga84qzNgbV2gdVn%2FJmZrOG8vP7WJRsAFxEQWmfgiL5H2%2BXCY%2FYhJc%2F08fwEsQ1kkA8OtlDfnnUbo3q1FM6bkWHun9n3rAYAYI0%2BpkWSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68d459489f2c05b3-FRA
expires
Thu, 18 Aug 2022 14:21:28 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
32696a4bec08646be0a0fdb473c2995153c47b4a9ac46b1398d3a6a1ca91bcc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49459
x-xss-protection
0
server
cafe
etag
10586888015977016472
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 22:31:52 GMT
icon.png
192-168-1-1ip.biz/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://192-168-1-1ip.biz/img/icon.png
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.2.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f90ac82323da5d89e35ce6c87d828faddd812998d3b8a80a1a0575c5f66c0d

Request headers

:path
/img/icon.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
192-168-1-1ip.biz
referer
https://192-168-1-1ip.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2103024
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
20329
last-modified
Fri, 15 May 2020 02:50:21 GMT
server
cloudflare
etag
"4f69-5a5a6dfc5f540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL3sV6t%2Bn0z361iHW6ZS9VTcdeNaZvPIqd5ertS%2Fy%2F57LpEJGtVFt3JVv2qyJoA80bzyk0CEIWWIBJUc7ALmZzhJuAzUjRV1kmwMfXg1Ch%2B0Z4DR3%2BbT0FqaBBYCOIc0DM%2BFjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
68d459489f2e05b3-FRA
expires
Thu, 18 Aug 2022 14:21:28 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wl-in-f95.1e100.net
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 19:54:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Sep 2022 19:54:21 GMT
script.js
192-168-1-1ip.biz/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://192-168-1-1ip.biz/js/script.js
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.2.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d54a5a814659b7cbb39a54a2e91f41a1f2d47029b8a673b9e0eae702df4e78f3

Request headers

:path
/js/script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
192-168-1-1ip.biz
referer
https://192-168-1-1ip.biz/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
283816
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Fri, 15 May 2020 02:50:22 GMT
server
cloudflare
etag
W/"1fce-5a5a6dfd53780-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hd8Ns0OhfTJTbj0RyIwlyIeU%2FvGuIkhd3vOtnPBxHszSYFMjWH08GmIe7n%2FgRS9UW%2BmLevCt1r6UVCzg%2BUMlp5Cj0AHPOYhsURsvxyHddW8D4rOqJozqdFSK17DnS22o5BOSag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
68d459489f2d05b3-FRA
expires
Wed, 15 Sep 2021 15:41:36 GMT
cookieinfo.min.js
cookieinfoscript.com/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookieinfoscript.com/js/cookieinfo.min.js
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.34.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
155
x-amz-meta-cb-modifiedtime
Wed, 07 Apr 2021 11:38:58 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XBK4YX4SE7S88AWX
x-amz-id-2
QVJfafCMmqCcujpjdumyZX9qLXsIl8wLlOdJYY3Nnxac0A7nmjT3W9bqAIMOtUVDIE53eJaRujI=
last-modified
Wed, 07 Apr 2021 11:39:17 GMT
server
cloudflare
etag
W/"d15d93068c1121f63008407d339bd819"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXqMI%2FHUQZm1lQr7PryjjLTUjgRXK4DTg%2B2CT1t9a8wF%2Fh%2FAtFqzrrgqqOnTScPaCFCCPNFgongqBjAzssr16%2ByqCDDyr7VFUDKNRMm%2FttJTqs13Xf9bEO9qaP08y%2Fchb4CLTBd6qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
68d459490c11410d-PRG
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		225 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.229 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
002a64158974851604a71c0ac7f1a06c2f0eb3a51606253d2453470b96913e90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
25493
x-jsd-version
1.202.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
84891
etag
W/"38267-GoUqGcV31N0wgqs4xWqW/uok+bU"
x-served-by
cache-fra19160-FRA
x-jsd-version-type
version
date
Sat, 11 Sep 2021 22:31:52 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%...
167 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A1431539224280%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A172006340%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Ati%3A2%3Ast%3A1631399513
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
bd25135344b43c888495e9484ed845f8fc6bd0e14ea5fa4abbc0012e7a3051c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:52 GMT
x-content-type-options
nosniff
last-modified
Sat, 11-Sep-2021 22:31:52 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://192-168-1-1ip.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 22:31:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:52 GMT
last-modified
Sat, 11-Sep-2021 22:31:52 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A2%3Adp%3A0%3Als%3A1431539224280%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A172006340%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Ati%3A2%3Ast%3A1631399513
strict-transport-security
max-age=31536000
access-control-allow-origin
https://192-168-1-1ip.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 22:31:52 GMT
1
mc.yandex.ru/watch/52385854/
Redirect Chain
  • https://mc.yandex.ru/watch/52385854?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala...
  • https://mc.yandex.ru/watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3A...
350 B
385 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1576000202758%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A708482596%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631399513%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
894da9bd50da01ad11614e60a0daea1690f0b3a915b26457e497f1d752faee0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:52 GMT
x-content-type-options
nosniff
last-modified
Sat, 11-Sep-2021 22:31:52 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://192-168-1-1ip.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 22:31:52 GMT

Redirect headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:52 GMT
last-modified
Sat, 11-Sep-2021 22:31:52 GMT
location
/watch/52385854/1?wmode=7&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xw53ficqveir9%3Afp%3A687%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A631%3Acn%3A1%3Adp%3A0%3Als%3A1576000202758%3Ahid%3A100544482%3Az%3A0%3Ai%3A20210911223152%3Aet%3A1631399513%3Ac%3A1%3Arn%3A708482596%3Arqn%3A1%3Au%3A16313995131072933408%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631399511761%3Ads%3A39%2C17%2C31%2C1%2C540%2C0%2C%2C129%2C2%2C%2C%2C%2C760%3Adsn%3A39%2C17%2C32%2C0%2C540%2C0%2C%2C132%2C2%2C%2C%2C%2C760%3Awv%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631399513%3At%3A192.168.1.1%20-%20192.168.1.1%20Login%20Admin
strict-transport-security
max-age=31536000
access-control-allow-origin
https://192-168-1-1ip.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 22:31:52 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:52 GMT
last-modified
Fri, 10 Sep 2021 15:33:58 GMT
etag
"61372b26-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 11 Sep 2021 23:31:52 GMT
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9393.WrT84U3oPwaCjnCmnzJ-curpVuxUl26eJH2INXKmw3WEE0iJQHKOdNlTSk4JCPsi.RXVZm1T4dRxyAlv4C-kWs46CeJw%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9393.nAGCVNLlcr9eX3RMnR7goArRXoRgLJhp2EGR75OKX6DHJ4OXQ3dXgR96yM1MbWQWg0oh4HfHZJjVVQNU1fHQKkQExzBcsJSCKvEjV5M8GiY%2C.0gfbCnGsw8QJrtvPZyflITNEWt...
43 B
382 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9393.nAGCVNLlcr9eX3RMnR7goArRXoRgLJhp2EGR75OKX6DHJ4OXQ3dXgR96yM1MbWQWg0oh4HfHZJjVVQNU1fHQKkQExzBcsJSCKvEjV5M8GiY%2C.0gfbCnGsw8QJrtvPZyflITNEWtQ%2C
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.47.36.144 , United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:53 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9393.nAGCVNLlcr9eX3RMnR7goArRXoRgLJhp2EGR75OKX6DHJ4OXQ3dXgR96yM1MbWQWg0oh4HfHZJjVVQNU1fHQKkQExzBcsJSCKvEjV5M8GiY%2C.0gfbCnGsw8QJrtvPZyflITNEWtQ%2C
date
Sat, 11 Sep 2021 22:31:53 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		251 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
cadedca735c6ec45885014e69884b741d9ef44349cd95c9271ae066216d49f6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95406
x-xss-protection
0
server
cafe
etag
12270461373536854434
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 22:31:53 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/ Frame 6092 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 11 Sep 2021 18:45:40 GMT
expires
Sat, 25 Sep 2021 18:45:40 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
13573
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ 		207 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=192-168-1-1ip.biz&callback=_gfp_s_&client=ca-pub-8702107765465423
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f154.1e100.net
Software
cafe /
Resource Hash
ac036d65d682d66691ce8f519135d8825159594b0b5e1c2da763d9277a59b718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
194
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=192-168-1-1ip.biz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.140.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 22:31:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EE65 		87 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
1dcc865eab5cc303b57d50e1cc4573a86bb86737edbf892c735b5230e50fafa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 22:31:53 GMT
server
cafe
content-length
28804
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 22:46:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:53 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
sffe /
Resource Hash
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:53 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273431406706"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:53 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9235 		65 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
417d946bcb15f61d2d93d18ace64cc42ecbeabfb35a40951d79ae770e2cd9bde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 22:31:54 GMT
server
cafe
content-length
25118
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 22:46:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:54 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 19E9 		119 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
46d6fb0011b8ae073f37d0f3147686dc63859e88d07c26b742bc62313d47d224
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKiH7uP89_ICFY8_0wod_HIMQQ&gqi=WS49YcS9F8zensEPuvG08Ag&layout=/sadbundle/%24csp%253Der3%24/18205080945073067104/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKiH7uP89_ICFY8_0wod_HIMQQ&gqi=WS49YcS9F8zensEPuvG08Ag&layout=/sadbundle/%24csp%253Der3%24/18205080945073067104/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 22:31:53 GMT
server
cafe
content-length
37152
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 22:46:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:53 GMT
cache-control
private
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F192-168-1-1ip.biz%2F&tn=DIV&cls=cookieinfo&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame CCE9 		260 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&adk=1812271804&adf=3025194257&lmt=1629061041&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F192-168-1-1ip.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512947&bpp=1&bdt=556&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280%2C240x600&nras=1&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=414
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
e372800b661bebfc55343342b76f385e800ebcaf8db0fb91e13145ca2d90192a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8702107765465423&output=html&adk=1812271804&adf=3025194257&lmt=1629061041&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2F192-168-1-1ip.biz%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512947&bpp=1&bdt=556&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280%2C240x600&nras=1&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=414
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 11 Sep 2021 22:31:54 GMT
server
cafe
content-length
62041
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sat, 11-Sep-2021 22:46:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:54 GMT
cache-control
private
e97fc1f500c2ba07d7ae78e11e245b27.js
www.gstatic.com/mysidia/ Frame EE65 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e97fc1f500c2ba07d7ae78e11e245b27.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 23:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254027
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3150
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 00:31:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 07 Dec 2021 23:58:07 GMT
657081d252e7e20d644f411c068fca8c.js
www.gstatic.com/mysidia/ Frame EE65 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/657081d252e7e20d644f411c068fca8c.js?tag=text/vanilla_cta_animation_title_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 06:17:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
231261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3417
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 07:30:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 08 Dec 2021 06:17:33 GMT
css
fonts.googleapis.com/ Frame EE65 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.13.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f95.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 21:36:55 GMT
server
ESF
date
Sat, 11 Sep 2021 22:31:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 22:31:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame EE65 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:04 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame EE65 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame EE65 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 10:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 10:52:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EE65 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame EE65 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:06 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame EE65 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 03:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 00:31:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 09 Dec 2021 03:06:39 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/ Frame 3BDA 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
0462a2b7bc22844a2df7ae67fc834fc4757baf6210ec181481428e59de3aff28
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/18205080945073067104/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3374
date
Sun, 05 Sep 2021 01:58:02 GMT
expires
Mon, 05 Sep 2022 01:58:02 GMT
last-modified
Tue, 10 Aug 2021 19:23:08 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
592432
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
adview
googleads.g.doubleclick.net/pagead/ Frame CB0C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CDcR8WS49Yej2F4__zAb85bGIBIWXr59k79_t87cOpOfy7ZUCEAEgopm0SmDJBqABtIuBpAPIAQmpAlE8mMf9b6o-qAMByANIqgTVAU_Q249zsh-gvl-tRAMcB6SqwJgu07-fblvFCSylg3cvuFT1h3W2COQgIf_XGXeAXbbAbCO2duh3s54jJlvfdbGkRkLEUs6l_BS2U80xOXrBYGlYIP3g4xhgr_RLZL2lO-MDSiVgBI5nqDngILrNzB2E1iHO-PL8gZoOsa6AiOGg1NZO0D6kyezEpoxeveaew1pIvD_gZ0ZbBBWUwbWgvxg3ZdEHXaJkmxhcPiwW50HhEo-OYGCegYJUDbFnkHR1e69R-8EovEb7BpZyLTrvFuNDk-bfTcAE9oHvqsoDkgUECAQYAZIFBAgFGASgBi6AB7T0_luoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcFEMfBoQLSCAcIgGEQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTg3MDIxMDc3NjU0NjU0MjMYAA&sigh=OCQXyw0omKQ&template_id=419
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 11 Sep 2021 22:31:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:54 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame CB0C 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame CB0C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 10:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 10:52:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB0C 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame CB0C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21588
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EE65 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CFrtLWS49YZL0F42j-waWi5_4Bfqx2v5ijrfQtaILw-Tz_QgQASCimbRKYMkGoAH9kor9A8gBAagDAcgDwwSqBLgBT9DmsR_n9BHrmJm6KxFTJZM_t4y2JAKN0zWFTgDOcszE3kjPIh-ii0cF0lorbeQA4aKJiIXLQ_oJns2DCdz3l3pnxwDKiEGxBXYePl9XZi-sjqzl-TcLOkWtsL3fpQkpG_gIcDnvNebDwkFuLr1WSTl6yLuH0ODybc6put7A-ClDVTpCTwTPt10SEOMrFNlmodQmqr9U3R5160Q_dRiourIqQ9usmNGWeIKlZL1c0pN4BsiMFRZu2MAEz4_H140CkgUECAQYAZIFBAgFGASgBlGAB6a2nDKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcB8gcFEOHOlgHSCAcIgGEQARgfgAoByAsB2BML0BUBgBcBshccChoIABIUcHViLTg3MDIxMDc3NjU0NjU0MjMYAA&sigh=63FGmpkNpHM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 11 Sep 2021 22:31:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame C36C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 21:46:22 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame EE65 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19c707edaec21333f19708afacdabb2fa626eb38b8ef5464cfec9a63bc3564a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame A6D4 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 21:46:22 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame CB0C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4c1781a4bb7ca391b69ce5d70d072f5b6a7931905b7372cfd14c279089b3c10

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3BDA 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 12 Sep 2021 16:20:46 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3BDA 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 10:54:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41841
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 12 Sep 2021 10:54:33 GMT
3d3f008e41275bdda2159039319ccfee.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/ Frame 3BDA 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/3d3f008e41275bdda2159039319ccfee.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
e5445bdde0b088b6a6ab9fbe5bf698eed797aa793c675a01de2da251f5bcb230
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:23:08 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
6849342191148363862
tpc.googlesyndication.com/simgad/ Frame 9235 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6849342191148363862?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmuZgpqXGFmFOs12EWQ_juIj9eYLQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
9059ca78a9084462db7c7e763eb2a205cb5fc0587481909152d72ceced17f9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:54 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Aug 2021 15:16:57 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
15247
x-xss-protection
0
expires
Sun, 11 Sep 2022 22:31:54 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 9235 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9235 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 10:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 10:52:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9235 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9235 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:07 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 9235 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 05:31:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61196
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10845
x-xss-protection
0
server
cafe
etag
14737611871312058204
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 05:31:58 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 9235 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwSQGWS49YZOBGNDizAbsh77YBd70hKNk7_DCs7sOrPrkiPclEAEgopm0SmDJBqAB79HcjgPIAQKoAwHIA8kEqgTaAU_QMf1sMlSBI5pwfelsvSWDpzNNaE1KDFW8cnK7kiaL86XfI2gkww7oqqDzM0NAS54GGceZZgOafzMsEHUh7feFZUv6QqRAB_FCg1rr7szE9sSxzp_SwD05yexcel5mz458RfxImBYKPh2iy-UPCFy2ISjkIUYbiHgziZfzKc7TT8pAjkU5GyvFFJevBKyy3mHJA_gLsX_4wMP3WPbEGqsbjDSQH1G2Q4d5TdDa4laKbxki37vjK4urS29hBM9W90rFBOeh2HoiZ2JmxRCQznzkHBVhL7pTb_OgwASh9rC32wOSBQQIBBgBkgUECAUYBKAGAoAH-a2jcagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwHyBwUQy56dA9IIBwiAYRABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItODcwMjEwNzc2NTQ2NTQyMxgA&sigh=I3ZdaAkoYyc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 11 Sep 2021 22:31:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame EE65 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:17:53 GMT
x-content-type-options
nosniff
age
267241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 20:17:53 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame EE65 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 20:15:06 GMT
x-content-type-options
nosniff
age
267408
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Sep 2022 20:15:06 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C36C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 11-Sep-2021 23:31:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 09BE 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 21:46:22 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7234 		247 B
807 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f3.1e100.net
Software
sffe /
Resource Hash
f508d68d0b98b63486bc0935e602d4af6b3677890ed4987f479eda7b2464a58a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/redir.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-b815i_QeB1SvRZZuTrDVyQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
content-length
205
date
Sat, 11 Sep 2021 22:31:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/ 		145 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
bb668f5b914a3a51619e1d07d4ed7b0562992306736c78834478292740ddbd68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53094
x-xss-protection
0
server
cafe
etag
3023641859606465074
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 11 Sep 2021 22:31:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A6D4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=600&slotname=8089993801&adk=99382339&adf=3234323087&pi=t.ma~as.8089993801&w=240&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512937&bpp=1&bdt=545&idt=413&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280%2C686x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=1059&ady=443&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GOvEWkCT8m&p=https%3A//192-168-1-1ip.biz&dtd=416
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 11-Sep-2021 23:31:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 9235 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb5255d35b067e3142c6b272ecaa7f80872271bb8936516ec01431ef25534167

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
b0e26f43421b65d1301404ac646ac07d.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/ Frame 3BDA 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/b0e26f43421b65d1301404ac646ac07d.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
064b936569913db389294c24f4c72d8acf8c44a0e4d5899e0bc4c66053555ef9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
117503
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:23:08 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
e7737858b0846e286f2971edca237579.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/ Frame 3BDA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/e7737858b0846e286f2971edca237579.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
7d0aa442c307772807f4156422f225c3b8514262e7152364469e947d40a004d3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2639
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:23:08 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
96082891811e40ef2ecfbf7e88be8249.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/ Frame 3BDA 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/96082891811e40ef2ecfbf7e88be8249.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
bfef9a71308b69912938e9ce831820983ecd2910eae46f92ed5411eb90082be9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1853
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:23:08 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
7e912f43266b4a131891344898632835.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/ Frame 3BDA 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/7e912f43266b4a131891344898632835.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
847ddfebb93eb765c9d6a0f8c1086aa0d1668a23db42da4c3e41ea5ca820b006
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1405
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:23:08 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 09BE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 11-Sep-2021 23:31:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9d3e70add8533fedc655a5dc999042f7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/ Frame 3BDA 		2 KB
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/media/9d3e70add8533fedc655a5dc999042f7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18205080945073067104/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
f01d0b8537d0845e8219ada9969c31c837ad7b87485c424e135397780d5fb73e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
924
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:23:08 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 3BDA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
74632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:48:02 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=192-168-1-1ip.biz
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 22:31:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/ Frame D46F 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 11 Sep 2021 19:35:32 GMT
expires
Sat, 25 Sep 2021 19:35:32 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
10582
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/ Frame A847 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 11 Sep 2021 19:35:32 GMT
expires
Sat, 25 Sep 2021 19:35:32 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
10582
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css2
fonts.googleapis.com/ Frame D46F 		4 KB
633 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f95.1e100.net
Software
ESF /
Resource Hash
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 21:37:28 GMT
server
ESF
date
Sat, 11 Sep 2021 22:31:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 22:31:54 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D46F 		205 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 02:32:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
244758
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
expires
Fri, 09 Sep 2022 02:32:36 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D46F 		604 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 08 Sep 2021 11:32:58 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
298736
vary
Origin
content-type
image/png
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
expires
Thu, 08 Sep 2022 11:32:58 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/ Frame D46F 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 18:17:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7693
x-xss-protection
0
server
cafe
etag
15492606927302909567
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 18:17:38 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/ Frame 3204 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Requested by
Host: 192-168-1-1ip.biz
URL: https://192-168-1-1ip.biz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
258a963aa03e3fe6791ab6e30307204b25bae78b703451a85cc1b78cefe0c4a1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/5097979748761042539/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3338
date
Sat, 11 Sep 2021 22:31:54 GMT
expires
Sun, 11 Sep 2022 22:31:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 10 Aug 2021 19:16:37 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame A847 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame A847 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 10:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 10:52:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A847 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame A847 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:07 GMT
iframe.html
p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 7234 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f3.1e100.net
Software
sffe /
Resource Hash
1c5d41770b7094e1dc55ca448306168a85f9eb31f08facaf92a48aef71826999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com
:scheme
https
:path
/v6exp3/iframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-oIxoYWr8ZB3FAuopJbvmUg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1859
date
Sat, 11 Sep 2021 22:31:54 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 4068 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=457981418&adf=721852255&pi=t.ma~as.3950498584&w=998&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=998x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512933&bpp=3&bdt=541&idt=392&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&correlator=5088536934191&frm=20&pv=2&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CloeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=7PotcJhml4&p=https%3A//192-168-1-1ip.biz&dtd=406
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
74632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:48:02 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6AF8 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 21:46:22 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 01B0 		3 KB
578 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.13.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
we-in-f95.1e100.net
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 11 Sep 2021 21:08:00 GMT
server
ESF
date
Sat, 11 Sep 2021 22:31:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 11 Sep 2021 22:31:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 01B0 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21590
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:04 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/ Frame 01B0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21593
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:01 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 01B0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 10:52:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41974
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 10:52:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01B0 		125 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/ Frame 01B0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210908/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:32:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21587
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6183
x-xss-protection
0
server
cafe
etag
901432759052127119
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Sep 2021 16:32:07 GMT
8b8c639f95e935c054a6465040a495ee.js
www.gstatic.com/mysidia/ Frame 01B0 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.184.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f94.1e100.net
Software
sffe /
Resource Hash
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 03:06:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156315
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10883
x-xss-protection
0
last-modified
Wed, 08 Sep 2021 00:31:01 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 09 Dec 2021 03:06:39 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 3204 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 16:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22268
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 12 Sep 2021 16:20:46 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 3204 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 10:54:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41841
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 12 Sep 2021 10:54:33 GMT
3d3f008e41275bdda2159039319ccfee.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/ Frame 3204 		71 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/3d3f008e41275bdda2159039319ccfee.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
e5445bdde0b088b6a6ab9fbe5bf698eed797aa793c675a01de2da251f5bcb230
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:16:37 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6AF8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 11-Sep-2021 23:31:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame BE47 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 11 Sep 2021 21:46:22 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2732
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9d9bd09741c9c0eaeca8f959f5cbaa0e.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/ Frame 3204 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/9d9bd09741c9c0eaeca8f959f5cbaa0e.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
947d519eda45a36e9fcd790f5746a68b2138ec722d54063eb7ace18ae10e9997
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
13358
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:16:37 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
1118199b568822a9f33463c42575ce16.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/ Frame 3204 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/1118199b568822a9f33463c42575ce16.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
3fcc53bf88d49f13266c95645c2361ad99f4c9eb7285a2f72e09dc049496e39e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2087
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:16:37 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
8422e33adfc610f2a266026d9b19db9e.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/ Frame 3204 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/8422e33adfc610f2a266026d9b19db9e.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
07d2113171904e9896e25ac0c5b78dca1232b6b40a75d82f213569c6ee0cf835
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2149
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:16:37 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
aa1ed266db40547598e8ad1b0b1d5c46.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/ Frame 3204 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/media/aa1ed266db40547598e8ad1b0b1d5c46.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
7875c2d54d78148edce7b6b185b665b22e0a8ea655677e1a3e79613b6271d861
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1403
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 19:16:37 GMT
server
sffe
date
Sat, 11 Sep 2021 22:31:54 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 22:31:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BE47
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.140.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wq-in-f155.1e100.net
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sat, 11-Sep-2021 23:31:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 11 Sep 2021 22:31:54 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sat, 11 Sep 2021 22:31:54 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 3204 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
74632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:48:02 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame 0372 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8702107765465423&output=html&h=280&slotname=3950498584&adk=3319425727&adf=1347063062&pi=t.ma~as.3950498584&w=686&fwrn=1&fwrnh=100&lmt=1629061041&rafmt=1&psa=0&format=686x280&url=https%3A%2F%2F192-168-1-1ip.biz%2F&flash=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631399512936&bpp=1&bdt=544&idt=409&shv=r20210908&mjsv=m202109080101&ptt=9&saldr=aa&abxe=1&prev_fmts=998x280&correlator=5088536934191&frm=20&pv=1&ga_vid=1229086205.1631399513&ga_sid=1631399513&ga_hid=94265985&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=301&ady=812&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062422%2C31062297&oid=3&pvsid=1434251097192998&pem=606&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3JwqZnime6&p=https%3A//192-168-1-1ip.biz&dtd=411
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
74632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:48:02 GMT
52385854
mc.yandex.ru/webvisor/ 		43 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/52385854?wmode=0&wv-part=1&wv-hit=100544482&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&rn=210730670&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631399515%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A20210911223154%3Au%3A16313995131072933408%3Avf%3A25rt5xw53ficqveir9%3Awe%3A1%3Ati%3A2%3Ast%3A1631399515
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://192-168-1-1ip.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:55 GMT
last-modified
Sat, 11-Sep-2021 22:31:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://192-168-1-1ip.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 22:31:55 GMT
52385854
mc.yandex.ru/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/52385854?wmode=0&wv-part=1&wv-hit=100544482&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&rn=185620430&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1631399515%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A20210911223154%3Au%3A16313995131072933408%3Avf%3A25rt5xw53ficqveir9%3Awe%3A1%3Ati%3A2%3Ast%3A1631399515
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://192-168-1-1ip.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:55 GMT
last-modified
Sat, 11-Sep-2021 22:31:55 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://192-168-1-1ip.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 22:31:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210908&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ca9ef81da02ed1950ccb602085e59eabf990be7fd43d7636b1ff749e98eeccc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 11 Sep 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8646
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame CB0C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2sAowSEQpnCnR70pZsLKHCIqmvpRCGn4zFxi7kojTgWTKoxKTwmTFR3WUumVqu5t7yW1XcsX6qYDZPqgq2a3aw1E76Omz3sJ4YIhL2IDRRdxIybQQ0Ueibbw&sai=AMfl-YQ8JIsDufpR0WUfParvDcYl9Y1RiO8UZgjSnZ_zNK_e4d9tUWD6s-1nC6B2zHKIhA8SPs_jmPI6kBNc&sig=Cg0ArKJSzPU3PGiT4lcCEAE&id=lidar2&mcvt=1000&p=443,1059,923,1299&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=99382339&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631399513993&rpt=134&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109080101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 22:31:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
6467
x-xss-protection
0
expires
Sat, 11 Sep 2021 22:31:55 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C9A0 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f132.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 05 Sep 2021 04:49:57 GMT
expires
Mon, 05 Sep 2022 04:49:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
582118
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
aframe
www.google.com/recaptcha/api2/ Frame B35B 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.32.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s77-in-f4.1e100.net
Software
GSE /
Resource Hash
8d3b8c31974582cdcd488f2f97c095c8a159c54623e1af5e92ea24b1fe5e35fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nI+NNw34IKvLnM92XA1qYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://192-168-1-1ip.biz/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 11 Sep 2021 22:31:55 GMT
date
Sat, 11 Sep 2021 22:31:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-nI+NNw34IKvLnM92XA1qYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 9235 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9gENcdmjmh8TNY4gwqi4_ozHwO0KxDURvLAHMig0fuSRX_n2jpM1iDQ7186PjfLfgnhd3P5NUGsWm3q9450u9gplCSEojmjayjWIdAPW8H_cYWeFs3r0Pn9A&sai=AMfl-YTzOxQYdMdpsLX9fAFWhqMewMbHaDkZHDABaAqutX-7POIsoescUErgKfouD00eQHD3G4cH0QGFuc3a&sig=Cg0ArKJSzG41KRhopMC4EAE&id=lidar2&mcvt=1004&p=812,301,989,987&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3319425727&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631399513348&rpt=971&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
pagead2.googlesyndication.com/bg/ Frame C9A0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/N5eGun79KMNogHl3JXLjLo7C-VgSu6qtVH-zZQh4z98.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:48:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
74633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13196
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Sep 2022 01:48:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B35B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210908&jk=1434251097192998&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame EE65 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVjOOf8wCbWYkfJXbGkA3FG4YvcYo9wg2nUstg8qCeMD-rXnsebF3K-oaeAG3glOGyMg1oi4_uF8eGVCSCKVioGiPIWmYJ9VxJ9HLcIBmtg4bHsGaksFYXDa8&sai=AMfl-YQEZAQxddLh3nz4x6W51VyBNs1hepCDuFBLFXNUIYRObRd-813RNP3u33NjNEnKRbZ1n7EuD2JGLNxt&sig=Cg0ArKJSzG60CLAchp_dEAE&id=lidar2&mcvt=1000&p=101,301,381,1299&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210910&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=457981418&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631399513340&rpt=1212&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210908&jk=1434251097192998&bg=!7u2l7anNAAYT0U73E9E7ACkAdvg8WkI2kaNdhNd12YypwWmjhoDeo76wt7g_CPe2aFrRsVz17jydUAIAAABfUgAAAAtoAQcKAA-XUAhKcxGV0hiyxzdLswuZAniII0k9SEv1gsB4lKq0RbNlsDoP8_NjyXDrNmeeMya9FCVKqCizPo19jc5vLJ_MKmZjcFQE0UDJdHKu1X7pAtfUYUGXz-ol1nalLDdKcgV8SmSuJwSz9aMvuTCshhoxSfSXkKHrHmGq4nrFdXsGBTaaPxEUFhzhPmlLB-Y3e3alqbWzsKhQJyv15C-kaEuo6PAnluG4WsvWPaBY1RNQofeqL5Z-kaGhVzIzvt8zLWeM5MRDB2LY2Y7D61O_HN5sO3SOZFT9ZAbYyR7sLC-xF3a408zf9T5NTaPpU78myRtAysmzXGqyRjAigyfS9sqUMk9R9znglpTcJfQDArJG6uesPggcKPAZIFI4HDM30xZLIU_GBDUykZ0dtFWVOYJUJ-SLVrAbMQptlnBj6fzj36nmDkdzP5VW1mMPsQMerLZEluJNIKmShx8iDuBNmLq1d3HR7l8shpEC0u3683-RRLm_6r90mLaPri69UvLjG-X1dd0McQSL5Lm-MAUo0AJkk3I-P_6TIFSyqXOelWOc7bjlYTtClz60TtjqkfiAPsQrac4NHs-01cDXYkUVuDy-WIyIscP4ZrC0uR_O2AX-UNoo6SwZJmvUrk75zNpnJYPo5aaxDVPQlBLdHaUen2eS4-fYLFVQYtm6E0iM9rfnYxGZDBKasY_hl9AaoUwzwPpy7FlvXEUys4pJoJQx2rRyGvbuqpqeV_hHLako-KGjNV5V1GesA77h8Ub9yC0THHxSCBNSLpVChosxWWmdGJEn4X5kWwDNQbN6G4qWcueaHU79PwGWZ25cRyYPuG0eXnfePtsesZsLBASJ3b5Pea3vkRzEERcIOTPa2Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://192-168-1-1ip.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
52385854
mc.yandex.ru/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/webvisor/52385854?wmode=0&wv-part=2&wv-hit=100544482&page-url=https%3A%2F%2F192-168-1-1ip.biz%2F&rn=681728085&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631399517%3Aw%3A1600x1200%3Av%3A631%3Az%3A0%3Ai%3A20210911223156%3Au%3A16313995131072933408%3Avf%3A25rt5xw53ficqveir9%3Awe%3A1%3Ati%3A2%3Ast%3A1631399517
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.158.134.119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://192-168-1-1ip.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 11 Sep 2021 22:31:56 GMT
last-modified
Sat, 11-Sep-2021 22:31:56 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://192-168-1-1ip.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 11-Sep-2021 22:31:56 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle function| $ function| jQuery function| cookieinfo object| cbinstance function| ym object| Ya object| yaCounter52385854 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| google_image_requests function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| googletag object| google_llp object| GoogleGcLKhOms

19 Cookies

Domain/Path Name / Value
.cookieinfoscript.com/ Name: __cf_bm
Value: .BXXJygf8cbcIn8amEdlyAzVdU9VClnNRER_CyH5e.s-1631399512-0-AWE1c+9mtRNpLQ4u+qgkLU2ptqFzbjF5wRdy8tXyvR4Flrm4VF9MVfzWXee2sHV0/O1fYNwQj5Tt1zMiGPZeidg=
.192-168-1-1ip.biz/ Name: _ym_uid
Value: 16313995131072933408
.192-168-1-1ip.biz/ Name: _ym_d
Value: 1631399513
.yandex.ru/ Name: ymex
Value: 1662935512.yrts.1631399512#1662935512.yrtsi.1631399512
.yandex.ru/ Name: yandexuid
Value: 3920005941631399512
.yandex.ru/ Name: yuidss
Value: 3920005941631399512
mc.yandex.ru/ Name: yabs-sid
Value: 1646008411631399512
.yandex.ru/ Name: i
Value: miBep5CpuYoX4lGvwFu93zZ+0kYCWfQiHoHFM9a+WaUkuJ4lEFfhgQujyuCuAP3GwyaQEsz6J/7VGCN2ln92YbVfKuE=
.192-168-1-1ip.biz/ Name: _ym_isad
Value: 2
.192-168-1-1ip.biz/ Name: _ym_visorc
Value: w
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 217750774fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4047519365fake
.webvisor.org/ Name: yandexuid
Value: 3920005941631399512
.webvisor.org/ Name: yuidss
Value: 3920005941631399512
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.192-168-1-1ip.biz/ Name: __gads
Value: ID=3337c3645e79f732-22686316edca00ac:T=1631399513:RT=1631399513:S=ALNI_Ma9vlISD0TTFCXeih8ZJE4fvQtASQ
.doubleclick.net/ Name: IDE
Value: AHWqTUn7hWYd1sAheWWdDuEK1jprqYUgg2EaO21eMrNX9727miWoc7R5t8ewX4soHEw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.doubleclick.net/ Name: DSID
Value: NO_DATA

1 Console Messages

Source Level URL
Text
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20210908/r20110914/zrt_lookup.html?fsb=1(Line 17)
Message:
The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5097979748761042539/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

192-168-1-1ip.biz
19216811.site
adservice.google.com
ajax.googleapis.com
cdn.jsdelivr.net
cookieinfoscript.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.webvisor.org
mc.yandex.ru
p4-anaqvzjzmcnc4-6rbfrtxopvlsb25r-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
routerlogin.life
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.routerlogin.cloud
104.21.19.118
104.21.2.152
104.21.34.18
108.177.15.156
142.250.13.95
142.250.176.194
142.250.80.99
142.251.32.100
151.101.13.229
154.47.36.144
172.67.167.86
172.67.178.250
64.233.167.95
64.233.184.94
74.125.140.154
74.125.140.155
74.125.206.132
74.125.206.154
93.158.134.119
002a64158974851604a71c0ac7f1a06c2f0eb3a51606253d2453470b96913e90
0462a2b7bc22844a2df7ae67fc834fc4757baf6210ec181481428e59de3aff28
064b936569913db389294c24f4c72d8acf8c44a0e4d5899e0bc4c66053555ef9
07d2113171904e9896e25ac0c5b78dca1232b6b40a75d82f213569c6ee0cf835
0ab31a97c236988bb6e415187b2197cdbf689664173015dffd6da8eb96b1626f
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19c707edaec21333f19708afacdabb2fa626eb38b8ef5464cfec9a63bc3564a9
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
1c5d41770b7094e1dc55ca448306168a85f9eb31f08facaf92a48aef71826999
1dcc865eab5cc303b57d50e1cc4573a86bb86737edbf892c735b5230e50fafa8
258a963aa03e3fe6791ab6e30307204b25bae78b703451a85cc1b78cefe0c4a1
32696a4bec08646be0a0fdb473c2995153c47b4a9ac46b1398d3a6a1ca91bcc2
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
331c8dbc087f677d4eca8035d19626c0662a712b95d0d78bbeba05b7c3bbe7dc
379786ba7efd28c3688079772572e32e8ec2f95812bbaaad547fb3650878cfdf
3fcc53bf88d49f13266c95645c2361ad99f4c9eb7285a2f72e09dc049496e39e
417d946bcb15f61d2d93d18ace64cc42ecbeabfb35a40951d79ae770e2cd9bde
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
46d6fb0011b8ae073f37d0f3147686dc63859e88d07c26b742bc62313d47d224
4a813e1cf51a9ae7ee86be634312b025bc9f6b1a825308c717dcc9b43c0ce25a
4af6c5be83e60f66720912d58ce0d120048de1fa2e0635865dcbd3b520ea42a4
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
7875c2d54d78148edce7b6b185b665b22e0a8ea655677e1a3e79613b6271d861
7d0aa442c307772807f4156422f225c3b8514262e7152364469e947d40a004d3
847ddfebb93eb765c9d6a0f8c1086aa0d1668a23db42da4c3e41ea5ca820b006
853241b51a6732b0f482495bf748e64bbcf1468c98c9858f2416d266a0ff02d9
894da9bd50da01ad11614e60a0daea1690f0b3a915b26457e497f1d752faee0e
8d3b8c31974582cdcd488f2f97c095c8a159c54623e1af5e92ea24b1fe5e35fc
9059ca78a9084462db7c7e763eb2a205cb5fc0587481909152d72ceced17f9b3
947d519eda45a36e9fcd790f5746a68b2138ec722d54063eb7ace18ae10e9997
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ac036d65d682d66691ce8f519135d8825159594b0b5e1c2da763d9277a59b718
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb668f5b914a3a51619e1d07d4ed7b0562992306736c78834478292740ddbd68
bd25135344b43c888495e9484ed845f8fc6bd0e14ea5fa4abbc0012e7a3051c5
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bfef9a71308b69912938e9ce831820983ecd2910eae46f92ed5411eb90082be9
c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
ca9ef81da02ed1950ccb602085e59eabf990be7fd43d7636b1ff749e98eeccc2
cadedca735c6ec45885014e69884b741d9ef44349cd95c9271ae066216d49f6e
cb5255d35b067e3142c6b272ecaa7f80872271bb8936516ec01431ef25534167
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
d3f90ac82323da5d89e35ce6c87d828faddd812998d3b8a80a1a0575c5f66c0d
d4c1781a4bb7ca391b69ce5d70d072f5b6a7931905b7372cfd14c279089b3c10
d54a5a814659b7cbb39a54a2e91f41a1f2d47029b8a673b9e0eae702df4e78f3
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408
db75d162abd392db5a46dbe77d85ecc104286c6792766ae9c0327fb95a481033
e2b5d4752ac81478ad36860fbe67b75bad20bbee7a93e835a25283d310c78999
e372800b661bebfc55343342b76f385e800ebcaf8db0fb91e13145ca2d90192a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5445bdde0b088b6a6ab9fbe5bf698eed797aa793c675a01de2da251f5bcb230
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01d0b8537d0845e8219ada9969c31c837ad7b87485c424e135397780d5fb73e
f508d68d0b98b63486bc0935e602d4af6b3677890ed4987f479eda7b2464a58a