Submitted URL: http://proxy9747.my-addr.org/
Effective URL: http://proxy.my-addr.com/
Submission Tags: falconsandbox
Submission: On March 16 via api from US — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 41 HTTP transactions. The main IP is 91.197.129.74, located in Ukraine and belongs to OVDC-AS, UA. The main domain is proxy.my-addr.com.
This is the only time proxy.my-addr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
19 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 90); tpc.googlesyndication.com (Cisco Umbrella Rank: 122) | 260 KB
10 | my-addr.com | proxy.my-addr.com | 44 KB
6 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 38); googleads4.g.doubleclick.net (Cisco Umbrella Rank: 276) | 30 KB
2 | google.com | adservice.google.com (Cisco Umbrella Rank: 57); www.google.com (Cisco Umbrella Rank: 2) | 2 KB
1 | googletagservices.com | www.googletagservices.com (Cisco Umbrella Rank: 147) | 36 KB
1 | 2mdn.net | s0.2mdn.net (Cisco Umbrella Rank: 246) | 13 KB
1 | google.de | adservice.google.de (Cisco Umbrella Rank: 8832) | 792 B
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 716) | 645 B
1 | my-addr.org | proxy9747.my-addr.org | 227 B
41 | 9

Requests | Domain | Requested by
10 | pagead2.googlesyndication.com | proxy.my-addr.com; pagead2.googlesyndication.com; tpc.googlesyndication.com; www.googletagservices.com
10 | proxy.my-addr.com | proxy.my-addr.com
9 | tpc.googlesyndication.com | googleads.g.doubleclick.net; tpc.googlesyndication.com; pagead2.googlesyndication.com
5 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 | www.google.com | tpc.googlesyndication.com
1 | googleads4.g.doubleclick.net | googleads.g.doubleclick.net
1 | www.googletagservices.com | googleads.g.doubleclick.net
1 | s0.2mdn.net | googleads.g.doubleclick.net
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | proxy9747.my-addr.org | 1 redirects
41 | 12

This site contains links to these domains.

Domain
eproxy.my-addr.com

Subject | Issuer | Validity | Valid
*.g.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.googleadservices.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.google.de | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.google.com | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
*.doubleclick.net | GTS CA 1C3 | 2022-02-17 - 2022-05-12 | 3 months
tpc.googlesyndication.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
www.google.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months

This page contains 9 frames:

Primary Page: http://proxy.my-addr.com/
Frame ID: C1EBA744A2F0D4C764329E4EA853C084
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Frame ID: 24C9BFC8CF80ED0A8BC0DC027382AC65
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=138760809&adf=3237701139&pi=t.ma~as.1955924050&w=728&lmt=1647448490&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490850&bpp=4&bdt=152&idt=96&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&correlator=6969974581276&frm=20&pv=2&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=438&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ikw2ibWQ0h&p=http%3A//proxy.my-addr.com&dtd=113
Frame ID: 5ECF183D30689DB711876C4FDB4B8BA0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Frame ID: 65C4FE53F19950FEC554EF26701B2304
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=2779156746&adf=3495277003&pi=t.ma~as.1955924050&w=728&lmt=1647448490&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490855&bpp=1&bdt=157&idt=117&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=JiPLw9pGu4&p=http%3A//proxy.my-addr.com&dtd=120
Frame ID: 958710584962236A8DC30620E32C0BA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&adk=1812271804&adf=3025194257&lmt=1647448490&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fproxy.my-addr.com%2F&ea=0&pra=7&wgl=1&dt=1647448490864&bpp=1&bdt=166&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050%2C1955924050&nras=1&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=118
Frame ID: 1EDABBE51DD80BDF38D5C454A53C582E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE438E54B95EB057DE425A6EF3070E17
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B119E75128E43C902C5BC12B50898899
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DD4F18A2EAE3540F2CA1E59A1EAA3CC
Requests: 2 HTTP requests in this frame

Page Title

Online web proxy,free anonymous web surfing,anonymizer,proxy

Page URL History

  1. http://proxy9747.my-addr.org/ HTTP 301
    http://proxy.my-addr.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

Requests: 41
HTTPS: 73 %
IPv6: 73 %
Domains: 9
Subdomains: 12
IPs: 12
Countries: 3
Transfer: 386 kB
Size: 929 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://proxy9747.my-addr.org/ HTTP 301
    http://proxy.my-addr.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
proxy.my-addr.com/
Redirect Chain
  • http://proxy9747.my-addr.org/
  • http://proxy.my-addr.com/
10 KB
4 KB
Document
General
Full URL
http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
978598976dd2c430c4c674e4c4ca150e0fefdbf3fadcec4c64ea1c70b8387911

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Server
nginx/1.2.1
Date
Wed, 16 Mar 2022 16:32:03 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx/1.2.1
Date
Wed, 16 Mar 2022 16:32:03 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
http://proxy.my-addr.com/
style.css
proxy.my-addr.com/myaddrproxy_img/
5 KB
6 KB
Stylesheet
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
bb8f1fd9eac6417a7798877763a40fa7d08107c0a426ab68c08d098c2d05b635

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5601
Content-Type
text/css
proxy_header.png
proxy.my-addr.com/myaddrproxy_img/
15 KB
16 KB
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/proxy_header.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
40a6db698693247573884faeb582a2f0b5bf69c9994267f2e3020b3f21718055

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15823
Content-Type
image/png
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
152 KB
53 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fefcc7975ba3e28b750f0cf49e67c5ae8b7c36c01c19e022d31ce0f13d122d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 16 Mar 2022 16:34:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
5065175469722418849
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
53667
X-XSS-Protection
0
Expires
Wed, 16 Mar 2022 16:34:50 GMT
start_proxy.png
proxy.my-addr.com/myaddrproxy_img/
2 KB
2 KB
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/start_proxy.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
7fd96699e6395d34f2bf22d96512de7c00ec9a9703b152bd821a02bd8e8911b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:03 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1538
Content-Type
image/png
green_arrow.png
proxy.my-addr.com/myaddrproxy_img/
4 KB
4 KB
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/green_arrow.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
420dc750f6d3b6eb2098b252b2d92b5707402bcceeb8580f1dedd5a21b974145

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:04 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4386
Content-Type
image/png
whitebox_bg.png
proxy.my-addr.com/myaddrproxy_img/
158 B
373 B
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/whitebox_bg.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
4d27e49e2b5b96a2951948fc1779ab3d8fc7100f38e6456bf11159b8144d10aa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:04 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
158
Content-Type
image/png
skybg.png
proxy.my-addr.com/myaddrproxy_img/
11 KB
11 KB
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/skybg.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
29fa8bd22f9b6dc47e71c02de5dae69cad3ea00b60e712257dff52e63ae47ed8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:04 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11175
Content-Type
image/png
whitebox_bg_table.png
proxy.my-addr.com/myaddrproxy_img/
119 B
334 B
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/whitebox_bg_table.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
e74f3f876d03d649ece3a59b21b0cf03c9e2b720f9daa98771deb34bc52b07d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:04 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
119
Content-Type
image/png
skybg_dark.png
proxy.my-addr.com/myaddrproxy_img/
292 B
507 B
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/skybg_dark.png
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
1d3e99b9e8a549e37f73b35938d7b2ff957b5bf367a04d607902f1f068216720

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:04 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
292
Content-Type
image/png
bullet.gif
proxy.my-addr.com/myaddrproxy_img/
105 B
320 B
Image
General
Full URL
http://proxy.my-addr.com/myaddrproxy_img/bullet.gif
Requested by
Host: proxy.my-addr.com
URL: http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
Protocol
HTTP/1.1
Server
91.197.129.74 , Ukraine, ASN8870 (OVDC-AS, UA),
Reverse DNS
Software
nginx/1.2.1 /
Resource Hash
c28d184e92bc7a99b9555067b726abd39dd28fa511d9eb7f0f9233e73a5b3f93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/myaddrproxy_img/style.css?r=14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 16 Mar 2022 16:32:04 GMT
Last-Modified
Mon, 18 Nov 2013 02:13:36 GMT
Server
nginx/1.2.1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
105
Content-Type
image/gif
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/
292 KB
106 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4700f6c00fb0b28cd1744c833e0ef9c209c30d53a29f1b8e2e6970d7caf4f94d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107539
x-xss-protection
0
server
cafe
etag
17123004114612589687
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 16 Mar 2022 16:34:50 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/ Frame 24C9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Wed, 16 Mar 2022 00:33:15 GMT
expires
Wed, 30 Mar 2022 00:33:15 GMT
cache-control
public, max-age=1209600
age
57695
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
215 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=proxy.my-addr.com&callback=_gfp_s_&client=ca-pub-6773924891626056
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
7a944e60b3f282b4ce8e15e4169bc532234dad64fdd30a5be810e06d5bd87032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=proxy.my-addr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 16:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=proxy.my-addr.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 16:34:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5ECF
603 B
213 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=138760809&adf=3237701139&pi=t.ma~as.1955924050&w=728&lmt=1647448490&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490850&bpp=4&bdt=152&idt=96&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&correlator=6969974581276&frm=20&pv=2&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=438&ady=165&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Ikw2ibWQ0h&p=http%3A//proxy.my-addr.com&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Mar 2022 16:34:51 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Mar 2022 16:34:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 65C4
51 KB
25 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c798ebf5d75862f07c082788e18ae1d7ca0b6d7b10400f82d454bfce83829c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Mar 2022 16:34:51 GMT
server
cafe
content-length
25271
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Mar 2022 16:34:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 9587
603 B
248 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=15&slotname=1955924050&adk=2779156746&adf=3495277003&pi=t.ma~as.1955924050&w=728&lmt=1647448490&psa=0&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490855&bpp=1&bdt=157&idt=117&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=440&ady=558&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&fsb=1&xpc=JiPLw9pGu4&p=http%3A//proxy.my-addr.com&dtd=120
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 16 Mar 2022 16:34:51 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Mar 2022 16:34:51 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 1EDA
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&adk=1812271804&adf=3025194257&lmt=1647448490&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fproxy.my-addr.com%2F&ea=0&pra=7&wgl=1&dt=1647448490864&bpp=1&bdt=166&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=1955924050%2C1955924050&nras=1&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=118
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 16 Mar 2022 16:34:50 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 16 Mar 2022 16:34:50 GMT
cache-control
private
6203344233233535073
s0.2mdn.net/simgad/ Frame 65C4
12 KB
13 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6203344233233535073
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4f2f49549fbb5721574523e7861740eac3ce89da67816caeac20aa96ff84ee9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 23:33:54 GMT
x-content-type-options
nosniff
age
61257
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12298
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 22:12:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Mar 2023 23:33:54 GMT
m_js_controller_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 65C4
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/m_js_controller_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c89c272c7d8ed523e0a0c8a042792c4dfca11e0c6439ecd254e0ccb482688f5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:27:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
451
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13101
x-xss-protection
0
server
cafe
etag
12109718283923547003
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 16:27:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 65C4
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:28:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
388
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 16:28:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 65C4
117 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36369
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647258231097430"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 16:34:51 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 65C4
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:27:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
423
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 16:27:48 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 65C4
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
337
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Mar 2022 16:29:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 65C4
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvx5d0Tv_CGUHVtO1Gbt1uvPA_RmM6ehAeju-9poamUrz64NIlwMOm4ML_rNH5bVeTKKA7vZ6SPMDJtJWeZybTMX_KINZ1TK__O8n_GK6oA_Kmu6LpKZk3kW54RbdaUOAFu7C2HKsPQ_xh8fZ7fhztBgN5KkB4fPsYEnOabYxMUrl7HlbMpbBjrrzR5WkzF3UHL82xTEYeFt7KGqfU0Nzd4SLGDRX6NrcKdHYqAjk_78YcHn4lH55DCd4cYWL4QexfRZFjZGwAAHlf-aUJlcLh5c6fVNP1T4Cdwz7xI4zgWvUZFk_r_TZZYHysTaFijZZ1K8L3JN8AmNQCc5D6ohRmQ9uUGNpnhC2txvgYt8sVefZ_Vjln5ABsbyOM2B_QJ_Y2DHNFRQOyvohvI7upIyuoT4YVZ89P5adUDqLjZrWGbCbsRkf1lvgFUcRtm4TdPTHFgfXI-n0-DF7nyouUSjneXjxEbcTFRSurxEZHoIMF4TeSq7SxAC49q4BDGH7C6zsCgUG5KYFkuG8Ql6nFEoiONOuVnVa3jpRDJtqzQyX1m7SkEBP9ShjIn33wlFlZY-IJMwde03TQEjgSDFc-TdJlJc5wZs3nozUmB7XE_QAjKf1XIk-u5q8hE8FwNTAGrIB-cHjILBqQt8TOfkC-4YwGui3okaoxK5zeqAVklhbSMu0yHwcPc_Wdt3L8rHpWTJx7iOy4mwyYgFsESLCUllr7hOJhs94a9AWHsaheSTyhC2elIIf22p6E9rDS8VecctG4lv6a4zzJYVGZCrx4ebpszoHjor6TZ76qgFr4x817f0MaUb8HjwmNTBHWTmrTxvHg8rTbMZkEu7Si0tJJWWMGjyVqR3s49OlOB6xqXk-DP_B34R7K5XmcDSW2dIPdGLMLtqypauvVaNKnJUAATXphBqy5xgmZrL8OWyClmth5JCaMRsl3F95sBlI0nz2MtQMvj_ep85xH&sai=AMfl-YQMDXZQGC0dPlc4F2UYvMBncNEAM5Ug-b2il30RkZyFk7r-UWYuvnuw2w&sig=Cg0ArKJSzGKGMfElh2VnEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Wed, 16 Mar 2022 16:34:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 16 Mar 2022 16:34:51 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 65C4
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6773924891626056&output=html&h=90&slotname=1962536055&adk=2659712286&adf=94351142&pi=t.ma~as.1962536055&w=728&lmt=1647448490&psa=0&format=728x90&url=http%3A%2F%2Fproxy.my-addr.com%2F&wgl=1&dt=1647448490854&bpp=1&bdt=156&idt=113&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_slotnames=1955924050&correlator=6969974581276&frm=20&pv=1&ga_vid=1915947001.1647448491&ga_sid=1647448491&ga_hid=1609568396&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=439&ady=212&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&oid=2&pvsid=4127566475602876&pem=836&tmod=36349387&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Te1xQuQmOP&p=http%3A//proxy.my-addr.com&dtd=116
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 14 Mar 2022 07:27:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205654
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Mar 2023 07:27:17 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE43
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 15 Mar 2022 09:37:02 GMT
expires
Wed, 15 Mar 2023 09:37:02 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
111469
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 65C4
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdf0b1cdbbe23d7b4c2742ba69d0ced5442872f4f4edc38e2f890da804ad5366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220314&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f3a82456dc27cbcdc45ed0a96499bc4e6032269f992c038f14df7abeb68dd70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 16 Mar 2022 16:34:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10626
x-xss-protection
0
t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
pagead2.googlesyndication.com/bg/ Frame CE43
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c372950a35c41d865890a2fa4ba31bb5896dc186dbb4ea0cc6522281e5f3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 14:34:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Mar 2023 14:34:06 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6773924891626056&plah=proxy.my-addr.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:34:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 16 Mar 2022 16:34:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B119
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 16 Mar 2022 16:31:56 GMT
expires
Thu, 16 Mar 2023 16:31:56 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
176
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 8DD4
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
875d3b51f5dab0f4fe635cf6beda18d4d25434eb815a44daf236e8665a0577fc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Fhcrec1aEHpdVKP2C8EXKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 16 Mar 2022 16:34:52 GMT
date
Wed, 16 Mar 2022 16:34:52 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Fhcrec1aEHpdVKP2C8EXKA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
pagead2.googlesyndication.com/bg/ Frame B119
35 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/t8NylQo1xB2GWJCi-kujG7WJbcGG27TqDMZSIoHl89E.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7c372950a35c41d865890a2fa4ba31bb5896dc186dbb4ea0cc6522281e5f3d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 14:34:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
7246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13798
x-xss-protection
0
last-modified
Tue, 08 Mar 2022 11:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Mar 2023 14:34:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8DD4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220314&jk=4127566475602876&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame CE43
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9HyoqhEyYqy-PPuC9u8PopWwoAUAAAAAOAHgBAI&bg=!x8SlxIDNAAZgliNcYJY7ACkAdvg8Whxv269ppd6r5OWsqNe207YrF_UTVJj6WxVO3vvJ6TQDAZyLsQIAAACBUgAAAAJoAQeZAwKthwr643VQ1NwZ32ntY32B-F3mL1obaLGNeBDooy-dSssflHic7aVMxKvg4a5_8zMsi9tSPpovkcRZGeKB3nn5_z8qduD7nLqPteNzOruSLU3wmT_SwQz8XXBt94WQIwSpXg84PzIVzPE4YgeNI1HeovjmBSsG4eFVSLjURXstOa-Zv7zXPi_IDbmjy_j9oqemWrnqsW3BemoamFodw1BYw6w2Vubz-eo6yUYmEscqsYupwuVLOXreH8ZpZX-xJHDOfMrSeymDudTQCyqt8V0qWGbzej45yLSkb3klGLcsgZCZ8-OlVYPXIH7I28tWkOOkWFsIygv4JVot1AV_eHucG8J3ofEgstU2UcMLEH8Y5Ls-qL61KbA5vcLqMm0-AoUIxGaRxy7_jjh5NNXn5KJEgyaIsjsuxfAXqnQ34KKwBb9nbY9TB2oi1dZ9MCt0GkLXTD0bd4fuKubpw9dkqXfL9N5uekRJKmd1kG67uC7uNsH3_zUesMzST9fiYrh7U8vlYGjSi0vOeNxGgtEd3AeQtiUBQFx8SzxWNEKVivtftR9us9fmTFcqhbZX3cPLvaV6wIyNffKvacHMRoyOfG3niY4yJvH8HgerDko_bDOVPEOdW1ER2dP3WWYv1WUwguxgqyguIIvJSdTgQC-OQTa2obmDaGL_4PyHsVRSsivTSt_tdUnfHK0Jq7cY5AWZ5tOGthAODu0OkY_k-JUyo1Pr5Ht1TVLcX40IQwabGAVazAq8BQi9qQb169nMa7mIpe565WgzbLxFiRqazcGQeI_pwTprt-lrD59PNzX4S1ps2yaotItLEt7xMpEsPXGlpuypNXoRBkIa8vpbXAdtPecxCXtGDFNLNWR177GkNryIdwIwxFM2zIE8cejoXUHSlGEVUB195TGPphqTzKV2Vh6r5xbxvoMKfO_GvYedNhQmDIvHX9VbB5vwAEPyFtD7yyXKy5SCNs0k-J2jV0DKWL-H2y-PuNA8bw_z9-0xMf54i6trjBEu4pk0RPF0Ho7JMKgAHw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 16:34:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame B119
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?2XuY6Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 16:34:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220314&jk=4127566475602876&bg=!0tGl0ZXNAAZgliNcYJY7ACkAdvg8WiiVAv0Ee7PmrIpqOqLnsl4gu4521KM665iF5HSak8paWhVDGQIAAABrUgAAAAJoAQeZAtOb_UJJPOf46YDu2ygmrcGywoDsyemQHQX_NpTWxDXe4Dg0LVUezxLZA-m5Pa0Nkho4abiO-cPRXnsTNS_M1XKxgGFnF6YZa-4iecvv5br2WG9jkIGqGHQ45uHLlKmbx2uOtPTVndSa40t14Zvtt4-Uvhzv7G2lmChessPFJN7bVHjV0OwAc5IsdZ-VS9ZW9McmlqXfo4_VtNv0H9YCxG9HVU6OIpyez8kb0f-CzlWwNQiFQd7f4w9Q8ku83s2QXK0em1HlK9_TZ3zc2qzBy7Z_um-7ehqBHgvYR-ah-4QyKMsEOOMT-wrQIx3ziKz2kbc-f--KEh3ieU1TSKz7RmnlHflI0dxRMb_f92QKHhvCDvKaNf_skjfW02DJQ7dmBgCVkY2bt2pnyI1OtBGn6_2H4ozYKm2Wk3FdJgeJcgOJjxZR4IJ5L4hP5HZnFrY6F4-_UXiQXuQ-l9tEYKihlOCR1pMRoRUZX0RD1bsPJGQwQOXFOGb5ZJAHOP9NQHIKeXEKBWv4Uidl5fotiITGYXpZ5BzRNwdLeoA_HSZdmfapT_wrR-5N5AJesLoJzeDWeQPh24KVSnW_Y2y5F8Mm5JNoIIPSx3Zs2YFfyrmMwydSHlkcd3CqQGYK-shoe3OA3SSDwt5Z0IHpR3rn8-2MzPYuN9PKgtBNSqkFCB5X0s1-J7KPRvGqt8yhir7NGH045uYuAfyuewikkOVzqM42zlmnTYrEDxoRL7IRj8XX54z0MU8YTXd4M0iM8i4BHEkam4SCFq86H7cCTkghShetfDt0cG39FprdQHr87CyjP1asGvZ6dszoMF05q613NdepQbcvRU0RtmiHtFByzhDIDklrMCNyQiIvS4vsuPNVuAS5WQi_zfJUQUrejUfeq3QA5GzH6SdKHiBOFJwk0pZU88kwKBAr8-jiQ1NddKVtveZ5UNxQC4VclXKLblk8q4QjrMIbidA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 16:34:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 65C4
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvacUNOjUYMb64gJOCBBM2K7MqS8W0lMfAKIoatKIHUZ9NblnT4oqG8ViYdY0VxVj1uyumPE0BFaTNDxMTj5NQFkq7h5-Co__wZ_O9gDeVzjX2ry6m4z6AUMZRdWQ2rQTpfdCMKAzAv-FzQJmsDxuAKkRDwA7rHchqcpZsO5ojNpw&sai=AMfl-YQuaaaq-GHZepX_ORLk7JCcpLaUrRj1swDWSv8Qt-LDbyX5o5qLvUkDIhFbdeVPt-_YASIXyQ3RMDXw&sig=Cg0ArKJSzBV0w74MW548EAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2659712286&rs=2&la=0&cr=0&vs=4&r=v&rst=1647448490971&rpt=943&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 16:34:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-6773924891626056&su=proxy.my-addr.com&eid=44759875%2C44759926%2C44759837%2C42531397%2C44750773%2C31065470%2C44760494%2C31065654&doc=complete&pg_h=617&pg_w=1600&pg_hs=1200&c=3&aa_c=0&av_h=40&av_w=728&av_a=29120&s=32&all_s=32&b=46.281&all_b=46.281&d=0.194&all_d=0.194&ard=0.088&all_ard=0.088&dt=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://proxy.my-addr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Mar 2022 16:34:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| structuredClone object| oncontextlost object| oncontextrestored boolean| ie function| init_ajax function| ajax_request function| update_useragent function| save_settings object| adsbygoogle object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path | Name | Value
proxy9747.my-addr.org/ | i1243 | 1
proxy.my-addr.com/ | i1243 | 1
proxy.my-addr.com/ | PHPSESSID | 5f8mhfsrdgosmovg2vu1sqiop5
proxy.my-addr.com/ | proxy_session | 22031612320326
.my-addr.com/ | __gads | ID=2806bd7811b5c72f-2246f5435ecd005b:T=1647448490:RT=1647448490:S=ALNI_MbAVPhw5GWP7JKufL3A_bKJX8X_iQ
.doubleclick.net/ | IDE | AHWqTUnbxnL223FlGSMwlr2T-8KZMgG164s-yV0N4bpbOfi5CkLbFUmo_67SkjBqPmA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
