urlscan.io logo urlscan.io
SecurityTrails logo

obankofamerica.com Open in urlscan Pro
34.116.74.150  Public Scan

Go To Rescan Add Verdict Report
URL: https://obankofamerica.com/
Submission Tags: @phishunt_io
Submission: On October 18 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 8 countries across 37 domains to perform 252 HTTP transactions. The main IP is 34.116.74.150, located in Sydney, Australia and belongs to GOOGLE, US. The main domain is obankofamerica.com.
TLS certificate: Issued by R3 on October 18th 2021. Valid for: 3 months.
This is the only time obankofamerica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.116.74.150 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 82.98.176.31 42612 (DINAHOSTI...)
10 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
70 142.250.185.98 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
32 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
11 35 142.250.181.226 15169 (GOOGLE)
3 7 2.18.234.21 16625 (AKAMAI-AS)
4 6 185.33.221.11 29990 (ASN-APPNEX)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 185.29.134.244 30419 (MEDIAMATH...)
2 76.223.111.131 16509 (AMAZON-02)
1 1 69.173.144.165 26667 (RUBICONPR...)
4 4 213.19.147.45 3356 (LEVEL3)
8 142.250.185.130 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
4 4 37.157.6.241 198622 (ADFORM)
1 82.113.101.132 6805 (TDDE-ASN1)
6 8 34.98.64.218 ()
4 104.111.242.245 ()
2 2 18.193.4.24 ()
1 1 159.253.128.183 ()
2 2 185.64.189.115 ()
2 2 216.52.2.19 ()
2 2 3.126.56.137 ()
1 1 85.114.159.93 ()
1 1 35.190.0.66 ()
252 28
1    34.116.74.150 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: 150.74.116.34.bc.googleusercontent.com
obankofamerica.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    82.98.176.31 (Arganda, Spain)

ASN42612 (DINAHOSTING-AS, ES)
PTR: vl22333.dinaserver.com
www.motofichas.com
10    2600:9000:2057:400:4:4f50:1e40:21 (United States)

ASN16509 (AMAZON-02, US)
d13tq2cqmxyt15.cloudfront.net
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
70    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
2    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
pagead2.googlesyndication.com
5    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
14    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
32    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
7    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
24    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
35    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
7    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
6    185.33.221.11 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
8    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2606:4700::6812:d05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
4    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de
portal.o2online.de
8    34.98.64.218 (None, )

ASN- ()
us-u.openx.net
4    104.111.242.245 (None, )

ASN- ()
sync.teads.tv
2    18.193.4.24 (None, )

ASN- ()
pm.w55c.net
1    159.253.128.183 (None, )

ASN- ()
um.simpli.fi
2    185.64.189.115 (None, )

ASN- ()
image6.pubmatic.com
2    216.52.2.19 (None, )

ASN- ()
ap.lijit.com
2    3.126.56.137 (None, )

ASN- ()
ups.analytics.yahoo.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    35.190.0.66 (None, )

ASN- ()
ads.travelaudience.com
Apex Domain
Subdomains		 Transfer
91 googlesyndication.com
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
481 KB
77 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
907 KB
24 2mdn.net
s0.2mdn.net
957 KB
12 google.com
www.google.com
adservice.google.com
6 KB
10 cloudfront.net
d13tq2cqmxyt15.cloudfront.net
59 KB
8 openx.net
us-u.openx.net
2 KB
7 casalemedia.com
dsum-sec.casalemedia.com
6 KB
7 googletagservices.com
www.googletagservices.com
260 KB
6 adnxs.com
ib.adnxs.com
6 KB
6 google.de
www.google.de
adservice.google.de
2 KB
6 motofichas.com
www.motofichas.com
88 KB
4 teads.tv
sync.teads.tv
688 B
4 adform.net
c1.adform.net
2 KB
2 yahoo.com
ups.analytics.yahoo.com
2 KB
2 lijit.com
ap.lijit.com
1 KB
2 pubmatic.com
image6.pubmatic.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 adsrvr.org
match.adsrvr.org
529 B
2 mathtag.com
sync.mathtag.com
1 KB
2 turn.com
ad.turn.com
r.turn.com
857 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 gstatic.com
fonts.gstatic.com
41 KB
1 travelaudience.com
ads.travelaudience.com
523 B
1 adition.com
dsp.adfarm1.adition.com
584 B
1 simpli.fi
um.simpli.fi
713 B
1 o2online.de
portal.o2online.de
609 B
1 ctnsnet.com
gcm.ctnsnet.com
481 B
1 rubiconproject.com
pixel.rubiconproject.com
461 B
1 googleapis.com
fonts.googleapis.com
1 KB
1 obankofamerica.com
obankofamerica.com
18 KB
0 smartadserver.com Failed
ssbsync.smartadserver.com Failed
0 m6r.eu Failed
tracking.m6r.eu Failed
0 dotomi.com Failed
dclk-match.dotomi.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
252 37
Domain Requested by
45 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
googleads.g.doubleclick.net
obankofamerica.com
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
s0.2mdn.net
www.googletagservices.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
35 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
32 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
obankofamerica.com
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
s0.2mdn.net
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
26 securepubads.g.doubleclick.net www.motofichas.com
securepubads.g.doubleclick.net
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
www.googletagservices.com
24 s0.2mdn.net obankofamerica.com
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
s0.2mdn.net
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
10 d13tq2cqmxyt15.cloudfront.net obankofamerica.com
8 us-u.openx.net 6 redirects googleads.g.doubleclick.net
8 googleads4.g.doubleclick.net obankofamerica.com
7 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
7 googleads.g.doubleclick.net 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
obankofamerica.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
7 www.googletagservices.com d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
obankofamerica.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
7 www.google.com tpc.googlesyndication.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 www.motofichas.com obankofamerica.com
www.motofichas.com
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
5 adservice.google.com securepubads.g.doubleclick.net
5 adservice.google.de securepubads.g.doubleclick.net
4 sync.teads.tv googleads.g.doubleclick.net
4 c1.adform.net 4 redirects
2 ups.analytics.yahoo.com 2 redirects
2 ap.lijit.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 pm.w55c.net 2 redirects
2 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sync.targeting.unrulymedia.com 2 redirects
2 sync.1rx.io 2 redirects
2 match.adsrvr.org 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
2 sync.mathtag.com 2 redirects
2 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 www.google-analytics.com www.motofichas.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
1 ads.travelaudience.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 um.simpli.fi 1 redirects
1 portal.o2online.de
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 r.turn.com 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
1 ad.turn.com 1 redirects
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com obankofamerica.com
1 obankofamerica.com
0 ssbsync.smartadserver.com Failed f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
0 tracking.m6r.eu Failed f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
0 dclk-match.dotomi.com Failed f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
0 google2waycm.netmng.com Failed f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
252 51

This site contains links to these domains. Also see Links.

Domain
www.motofichas.com
www.motofichas.com.mx
Subject Issuer Validity Valid
obankofamerica.com
R3		 2021-10-18 -
2022-01-16		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.motofichas.com
AlphaSSL CA - SHA256 - G2		 2021-07-22 -
2022-08-23		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-31 -
2022-03-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-02-19		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh

This page contains 42 frames:

Primary Page: https://obankofamerica.com/
Frame ID: 85BE6B7CCA965AA909FE931B48FD8CA1
Requests: 31 HTTP requests in this frame

Frame: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D2D84A12DF1976CB8D0270186AEFD0D5
Requests: 1 HTTP requests in this frame

Frame: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 593854628EFA94FF395117BE33DA37AE
Requests: 10 HTTP requests in this frame

Frame: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9320EC01BCDA8C78ACF13D5217ED0029
Requests: 14 HTTP requests in this frame

Frame: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E2207549B1ACC8BA05C96B9137E17FF
Requests: 13 HTTP requests in this frame

Frame: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 76F4493CBD9DAB7EFC4D7346524A7652
Requests: 13 HTTP requests in this frame

Frame: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B177F532F32E3BFB6248E32023936D0
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: DC6CF10FDD62BEDDD385070F8D4BD4C9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D733405656451AEC7A96F77277E1E225
Requests: 2 HTTP requests in this frame

Frame: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 7341BBEB9B5C6C9BC436681ED0C3A84A
Requests: 1 HTTP requests in this frame

Frame: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8AF0E80F015A01A9E6A194D75D2C2401
Requests: 1 HTTP requests in this frame

Frame: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6C885D099958ED874200DF112EE1150B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjR9d-3ATAB&v=APEucNWX_5SxWfFZcIAx6figP7Rk75fwbWxugZ7Xw7hoAi14wNDZ_kttZi0MgDoEEYBdI89ASUL44huvwm5XkxS3JKtJHIhqqj3lOHNzXrI068v5BNYgRJo0co6pR_bDqVsrL9jkFkqUgaWE6lpM1jdePto1yYuT-2o9Owj_O5sH5xmEbwbp6io
Frame ID: C9AA4E7E6C77A213A040C67B231E8CB0
Requests: 5 HTTP requests in this frame

Frame: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 21D510A01B5633BF32B4B91F0DE47856
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNUTtC1kC-6F-FVLPF_ct4jlbB1wd552BFLVeth1u2bfh3Sw2AYHNSZvPBl7JhVjPBvmc3MqKhs-nwlOqRHiglwpwNydJZrRV9DlnNa5R_9yNmUdxaZmFNgmYM2BKkn3o81GrA8E9hVJlU62kQRXCEenjnTjncP192GRI-8xLDWL7eH2Cds
Frame ID: D46661075ACA6478874AE0E390C8DE53
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DePydXms6wuUweYC4v21GGqhsg671u2YbQdYELnOXAlYMrqq4n3MgIaZoF4c0fR9g3x_Wq-sQrmyQLnfprdceiz_UZJK6NRqYh8_e-zazL26jNejxi7hKHNOEO0M1ZKNBCBZm8IgFJE11SrYsu3UURn4tcnw&dbm_d=AKAmf-CCCNNPb43UVcWARtkwXYXIV-ZhsOoT_H9C-b981UNrpU_9ojd62BHsJqyZ3y6m7oxSHyub5QdYRZXDG93zKbH6o27XGSdhzBCWHoDv3BTTUGhXVvRiH0civ41gEr6heySP8l5NIbcyPmnJ-54ozDXzZX_9QPw5xZJFjZKWP-7jILvDlEz0HvqRVbH46UZ5Z0GLS-0Cob5nWw4XyIqg3Om_IW90S6K_ajOY_2Ogbn8NKkEeOHBa9qSSEbZQJydLGTIst8Ph3uAG2S5dnZ8HKRPZCWvhD-0MxTaquMAeSQS_WDn9Ma_boBB7koRKENwgbYQnfOt8rJWb9l0W3ZfzFOV28IQk_YXrTrlkdBitZOUtdCsCUK12YFpyypnnovgu-1h88kqnL7I6CmUyciBixbldR7qPbdVgkAdHqgM0Hg-htgAbTtjRMCM_AWiftMeKSaNndBc60kLFK8TIDXjMcvu3GgqRF5yyuTgcNcpX3VfzlyNd-fJxY3iNx-qsvO7QCI1LrNy7p7LAPpM0qbjUH9G2wL61AR9dp1YMJpPQjKH6EIWn3UIozYvYCceWSlD9fCJ_KfcH08Xo0PoXlBFsKHJQzDQmFJivReDNgAoeuYzHvYM2t7R9eYrdfwjsLxJOCWEnFIfsdP8sow5pK7dFwNxyK2uqpq21xU2-ErqqArwmgTP26p06anqinJlYSRR3AUBa2gA8F0-6K0yEhR6jCpukveeYPuhyGsjt8acIJ0QmomPzSj19oYUmK0O5n7mUzQX-_qDH7G_oK0VZ5v7XDx1PKFcdjVhrNJ2KsUQIS8f6rlWCNtevlFALdr4WJAbIAzmZMann-8t34zizTKGdIzA2uiAU2jW1wQWEbfglT9RyFSTQOBnITXI4c26BxK5pDZpy93x-CcoOJKOmHXCkG1-CxGLnICROgGLrFeUPDEKbhGXKSl3H12gfFSW69n00jf0LbjsDNYk5iWznoYgnWM0SV5R8drylDebJvglwk9iD96Kstxck8a72XpLsCegBeTC4YpEk3ZOn6XfCrNYy9OCI9TyWrU2fsF6UpuhFiEFiKhGYWoFOaVraR1Wd0iRiKhSE7nq2uhcJVNXxJOCVhSz37vB2Dk5L7YWxObN2BxkLuFwLvCW2OANPPFxWV34h18Ki62WHfOD4lf-TEgsdRMFocQXwFCDkWXMqaN49wYiEXlAOA90YHxGg2kixOrmu8NszLHHLMWDpr2OJfgbIzNlX1zomzL_jfb4stgB66xeO02ZK1aX4P8X37dSYJf4Gf9nDtrocCgBkUXj3Tv6X25GporCvZ-WPPOwHdJDxNuPmaBpMvdN3SITN76sfQM1Cf2Iz1dwjKqFILlBikgNH92zZPDh5kkgtR0Dj1pf14NCm5JBZuCE4Gi6DoGUHXyj_jrZ0_d_NCV7vYvwKsoWTozkbiM3uFkDxJCDMTs4BsG6Lm2T2EuIVCdO7ialmHoXOoMTLP3AHex0loA7EI3mrLfWpt5YswZG-yqoAVJs8X7xPIz2L4MtzQSBO2VpPOBwfZamNzJtxuuWFv7n7JVdezNNNzzsb-XQuQHQuMB7PufdarLtSpM5FtkESdV2f3cfLy1QBvtnfDdDjLhZYyA7NN8UTS8coBCuprfWNezQjNpCLapnaBL45-vm3gxb5J7kU18b_mUNZXDA6gbv-6PFv1zZSzZlpjGoH6VWyxy12PWIkolqkYEMEaVvMa6NAT9SM6xnt80xbLCopJP1b7o2OA9hflZ8OR43j6jTPAb8KnK3he5TgCjFO1dBOgvLBtdRVll1uXXmB0ycgj_UITD6jjtEgPA-ikDH1kisoO5ulHjsfV_7mf4cvybU8bf5BBEaUspK6RRddqXI6o0HcXvRnRoJbJjoqFg0sT3scta8Wf6bB-zEJEz72hNpSMxQr1eOdlA0pwR6uqRRvbJvytyQiqATjErl7sikh37fv2KVOtQwNRhqDuxbM7WA4TimVYibEcVFCNlTYDYPWN-CnsCgGZaLEjy2g2tMOIMjf18OsrRp-b992oBmWDmt6PQIoKrNlaOqWL1YYZaJMnwm5FoDnPsJWepAWbr1rUflWmhJQi_a6Bq1L6P9cH3olb-VVQzHX4OpfJqmFArdJ8OTK1t2Fl-J0AZIbtuUdb-yzNndqhDxVN-6YUy4aHS_0fD0kA7HDcteM3PYsTwmGChPzZb2LxZzKVFNUyGpGdpPbNzF1RY_N99on9XE7jZQnmRWGDgweN3iRMaUb8RnhGRac5_0oYdKO_6iIomBdgEAVdBJEbzD5rjKItSqS7P1kq3xpA3gRbC4O0zQm1ZAsqYIX_xx7nLOMK76M1GSLotC1lB0mdEWDGX4ltUiREYl2oX7CUoSHablVfKqpNGzrSW0WldwurXJpkq399IY3ltEjn6TXqxH6zwduc_UpJySsbossNki_VK2PXq23J5UMMOnGimVqvsLlwNKqgXhRhLbImnyeQiPTU4On_zDaH1rCy7EwddGDepVxaJ9M1mx7HiMMVzUnGxmA9Zxe9vxY_ZNnKojVnHbiYn6W2m0yUxh-kUpmaYC_ZXC3qyj40bVBLPT9HUK1eDQ7jO1FDp3AFVs8w3V-fJfbPgDqGcwa_vxoZezRFmm25GCXjao9ur4Ju_Fxmpxg5LlsVSvXP53wR_szDgz6CvK2bTfE8xFcO-2sCVIlcn7xyuoetuqfI2knKbQb6O9W1WLSvskZkXgtPubLErRgTPGwJzFXbOXRuDPVQvQI_2XdwVxiReuTKe4dc2bleavXnTPITHO8kwue0qecbyf8eiokuzAyqMJuh3HrKnj_kR_DfsC9SA3x6aB5iMCcNqmdyz6KkmB9wELMWcrOefGxAfRlNjs2wURxx5MGqxGuK_EqpQt8SXJj1BrRvIgJgG4OQjwsKiEcmSKDvqMHCaUpzWHH_IN-g9CmEWxEwkfw3M_XA5a0fwrX&cid=CAASEuRoXXpcQB_obfjJkpHmqxtlKg&rfl=3%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Frame ID: 4E94778831C40B292EC3EDE54D396873
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C7D61C7096C1FB1A26B9B3C3E5C99C2
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F1B67BFE6DF98D79F911523DEABBA555
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6730F6FDEA9D9132C90A2B2A256FE607
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/9951322/1634210246367/index.html
Frame ID: FB9F253D2FF22D9234471D321B631284
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
Frame ID: 68939C0ABEB40415FBD1E262600BD0E1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2D65481712692AE999F5F148656B66BA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3F243820B9462B203A1AF3D2DF289005
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C37E7C6A2E4A69F48C59490BB005991
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: AFB6057B5794371A7C8A24BB4C064E42
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD5CC618CE2D378E42BC67CB99EE106F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
Frame ID: 24F501082CE42EDD6D2F6BDC8E567FAC
Requests: 1 HTTP requests in this frame

Frame: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 63125D716A7F2A659036EE79169B992B
Requests: 1 HTTP requests in this frame

Frame: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D04FDAA57B8A67293205178A7E9B345B
Requests: 1 HTTP requests in this frame

Frame: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 73AE2551148E82CC6F6BA44A9AB8EC34
Requests: 13 HTTP requests in this frame

Frame: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D409566357B24495B36343669CC03ACF
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNVc8gDB5ZypNcsASzfEKZE84lJa81tH2Y8vgegloktLlCce4GCdUL4joBDGC9ygif2ZZynoqZN4Ut0gKLV6WDJus-jKfJW39h0xeF--mx244cZdzYPZPmFuUFRSM-xKt5jEaHSX8K89ma7BuAIkVbhEowd5qvsvRy6KRcNPkE8V8SXofxs
Frame ID: B1E4687CAB65C1FF867823964ACBE150
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYuqm0twEwAQ&v=APEucNVwzDhzfwpuA5EFEAEzLfKaWICeVxVKssNtL5jCu95nIRDIMg5s-I3C8DQ2WD3neSF88bAma-jbqomSAIVyr6NEH7eII79XvamfN0UvXdwp0yXZ6728qR8dASe59BSwdmk3bDMd8W_xNQKsXUrJ2zVRtzqoE9H26tvPIQdNYGvfjvJVW0c
Frame ID: C7D12CA7973979D28CC74FFEE67DA621
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4E9E376FFBF4C6E53D4FC64752783E9F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E1C736969B395271F6831B681695293
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B6573E1F0DA82667A68B629A71964875
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2E3C876DF07BE038C758AE2C0246208E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E9E53472DDFCD3EF35B5CC99E228A5DB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 122DCD952DBCAB2EECC3E10E4F2AE87D
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61692970/20210607074802688/300x600.html?e=69&leftOffset=0&topOffset=0&c=NF79w6lVYu&t=1&renderingType=2
Frame ID: 3B996A12E789BEE21118472687898DF4
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 74EAB2D756ECB4A1DB0CFDBF9E297AED
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F78C5730821CE28352D2101138BA4C3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

▷ Motos Nuevas. Precios Ofertas Información y Opiniones

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Page Statistics

252
Requests

97 %
HTTPS

41 %
IPv6

37
Domains

51
Subdomains

28
IPs

8
Countries

2848 kB
Transfer

8354 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
Request Chain 91
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YW0cM.D-3ic4adcHDntHQgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
Request Chain 93
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwODUzOTAxNDUyODg5MDkzOA%3D%3D
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
Request Chain 104
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YW0cM.D-3ic4adcHDntHQgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
Request Chain 106
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDA2MjA0NTk5NjMwNDM2OQ%3D%3D
Request Chain 107
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECWDX20Wn2p3H7PQ1loEeDU&google_cver=1&google_push=AYg5qPKoBtA-7L8ImcptGL3GgtYD0vFX_phfImBf2u8_mHBYcZAcb_aGIFG_V33xy1och38jVhsy1WJxEg0cga-m9JJOK8SIcD4n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3NTY4NDUzMzkxMjA5MjYxMQ== HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECWDX20Wn2p3H7PQ1loEeDU&google_cver=1
Request Chain 108
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHX30t2RI6g2uwnKlURIZHg&google_cver=1&google_push=AYg5qPLwIwYZFufCbCjdU4rnWzPxYlkb3w6AAk0qZ1ibwMGs1wrT8ChC4ztecSJ78Ar31gqLU__JvvH5l9Ic_atRYFFIbEVEEaG- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLwIwYZFufCbCjdU4rnWzPxYlkb3w6AAk0qZ1ibwMGs1wrT8ChC4ztecSJ78Ar31gqLU__JvvH5l9Ic_atRYFFIbEVEEaG-
Request Chain 111
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG2IGIG1qSZDAIGJrDjG40Q&google_cver=1&google_push=AYg5qPJisXS1Kr683yBN7KaIaiVSEz2VbjhqCcdfTfp_cZJY2yRZnM9aiQ5FLXkzdiaLoI1BrGXBolA0e4bWhacf3A4sVGKDIA8e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXQjlORzgtMVUtR08xWg==&google_push=AYg5qPJisXS1Kr683yBN7KaIaiVSEz2VbjhqCcdfTfp_cZJY2yRZnM9aiQ5FLXkzdiaLoI1BrGXBolA0e4bWhacf3A4sVGKDIA8e
Request Chain 112
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH90anqloSLsd44XSTfjHH4&google_cver=1&google_push=AYg5qPLgF6Vr39srAz4PkJh5dzMNYbl2gQ2nQHEwkufqAmTE9wvW_z-ZTM-EhIy0N3BxSKb2MNNfe843qs0LNz-lI55WdmseuZU HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7439088e-8f87-4a32-896d-07dbfbabcac6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLgF6Vr39srAz4PkJh5dzMNYbl2gQ2nQHEwkufqAmTE9wvW_z-ZTM-EhIy0N3BxSKb2MNNfe843qs0LNz-lI55WdmseuZU%26google_hm%3DA3Q5CI6Ph0oyiW0H2_urysY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgF6Vr39srAz4PkJh5dzMNYbl2gQ2nQHEwkufqAmTE9wvW_z-ZTM-EhIy0N3BxSKb2MNNfe843qs0LNz-lI55WdmseuZU&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
Request Chain 128
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHX30t2RI6g2uwnKlURIZHg&google_cver=1&google_push=AYg5qPLE0FMjvz2nfZuEn5T-lXYHEAU3MX9LiIO3ozB-6ikDe5G-nlmrxg67YySOVH4UK7_sChxaF33Q_FQsH3RtyxxruQhT2Qnn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xOxhbRwzRgCJEfFLvcDe8Q&google_push=AYg5qPLE0FMjvz2nfZuEn5T-lXYHEAU3MX9LiIO3ozB-6ikDe5G-nlmrxg67YySOVH4UK7_sChxaF33Q_FQsH3RtyxxruQhT2Qnn
Request Chain 129
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEH6Pe_RfAwPLt0SJWqGmQdk&google_cver=1&google_push=AYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH6Pe_RfAwPLt0SJWqGmQdk&google_cver=1&google_push=AYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 131
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELrO_Fq369NKbwTzwYkysdE&google_cver=1&google_push=AYg5qPIKR8t719Rj-luozC61T_zJjAar-hx9ALuCLzoSNeZrNG82adYuIGKqLZZ02qKCAapXFS_L70C7N3l5tRXjDFQg7dgBSA3ICw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIKR8t719Rj-luozC61T_zJjAar-hx9ALuCLzoSNeZrNG82adYuIGKqLZZ02qKCAapXFS_L70C7N3l5tRXjDFQg7dgBSA3ICw&google_hm=BEzbPTZgRau7U62nxmluCU4
Request Chain 132
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF--j372_HkzbL7F_GWVhvhWc27 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF--j372_HkzbL7F_GWVhvhWc27 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF--j372_HkzbL7F_GWVhvhWc27
Request Chain 133
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1
Request Chain 134
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH90anqloSLsd44XSTfjHH4&google_cver=1&google_push=AYg5qPIedFL43eX-_xx67hXAs5aaJyZyTBJjhbxyq2RBA1Xc0VjqHoFuNKufEN3qr4HetzI8XnQLQIP8xnx45tCljjyz-3weHn7I1A HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7439088e-8f87-4a32-896d-07dbfbabcac6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIedFL43eX-_xx67hXAs5aaJyZyTBJjhbxyq2RBA1Xc0VjqHoFuNKufEN3qr4HetzI8XnQLQIP8xnx45tCljjyz-3weHn7I1A%26google_hm%3DA3Q5CI6Ph0oyiW0H2_urysY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIedFL43eX-_xx67hXAs5aaJyZyTBJjhbxyq2RBA1Xc0VjqHoFuNKufEN3qr4HetzI8XnQLQIP8xnx45tCljjyz-3weHn7I1A&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
Request Chain 214
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
Request Chain 224
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
Request Chain 225
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
Request Chain 234
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&google_cver=1&google_push=AYg5qPLT82lMeUYx2gYTdAeb1FTdLdLuzatM0wMuFjEw-31Wk1WKtctg0Fa9bhbSpmIN1Nk7vBZZWFbEjdcXFHpeY7Ax5U2RcauO HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&google_cver=1&google_push=AYg5qPLT82lMeUYx2gYTdAeb1FTdLdLuzatM0wMuFjEw-31Wk1WKtctg0Fa9bhbSpmIN1Nk7vBZZWFbEjdcXFHpeY7Ax5U2RcauO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGx3bUtZTG0xTUNtRzE1&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&google_cver=1&google_push=AYg5qPLT82lMeUYx2gYTdAeb1FTdLdLuzatM0wMuFjEw-31Wk1WKtctg0Fa9bhbSpmIN1Nk7vBZZWFbEjdcXFHpeY7Ax5U2RcauO
Request Chain 235
  • https://um.simpli.fi/gp_match?google_gid=CAESEEAjpRDmTeSqK0Nh0PQ_0AM&google_cver=1&google_push=AYg5qPIAgDQitXky3F_gEI2ySCUk-DqneDFWyW2CcLAuewDplw2KnlIR-rWjKkyQZplWSugPFXEG-nH48HDwVhJr2q1K6Jcq1Yzp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F7C0FEC7BD4137A766311269102BBF&google_push=AYg5qPIAgDQitXky3F_gEI2ySCUk-DqneDFWyW2CcLAuewDplw2KnlIR-rWjKkyQZplWSugPFXEG-nH48HDwVhJr2q1K6Jcq1Yzp
Request Chain 236
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPIL7vUklm3lvTIETI_Thdb9SdgwIynz-7fAVJIOY3JDBt4frqiMHhkLxNx_3r4XEGsZi8jkne6-Lm3BJrkHK-USy_vtey6d HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIL7vUklm3lvTIETI_Thdb9SdgwIynz-7fAVJIOY3JDBt4frqiMHhkLxNx_3r4XEGsZi8jkne6-Lm3BJrkHK-USy_vtey6d
Request Chain 237
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELA0fhhayRdfDCSNtb2H8CE&google_cver=1&google_push=AYg5qPL87QxMMK_doJHdJcMa3efW7o4fYkT7bPuiVLxFt2Oh5Qb3tU82P2G5ajG4LNB0VTOuWoJWyywvE83ob0a5dK9zx1S5HkBS HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELA0fhhayRdfDCSNtb2H8CE&google_cver=1&google_push=AYg5qPL87QxMMK_doJHdJcMa3efW7o4fYkT7bPuiVLxFt2Oh5Qb3tU82P2G5ajG4LNB0VTOuWoJWyywvE83ob0a5dK9zx1S5HkBS&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQtRUQAYQ3iy4RhCsTK6cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL87QxMMK_doJHdJcMa3efW7o4fYkT7bPuiVLxFt2Oh5Qb3tU82P2G5ajG4LNB0VTOuWoJWyywvE83ob0a5dK9zx1S5HkBS
Request Chain 238
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBal4EnQ6CErYedZAHqmerA&google_cver=1&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc2wxksJ33GPt HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBal4EnQ6CErYedZAHqmerA&google_cver=1&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc2wxksJ33GPt&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc2wxksJ33GPt&google_hm=b58ead9751fbe33c055cc12d
Request Chain 239
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAp5N83w0sbGGJBdpdSqvlE&google_cver=1&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YSw7VdoyEBUMwlkpI2j_bpmK9boXJQnWKOFgGpPfRXaQtEA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAp5N83w0sbGGJBdpdSqvlE&google_cver=1&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YSw7VdoyEBUMwlkpI2j_bpmK9boXJQnWKOFgGpPfRXaQtEA&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ubzhmN2xKRTJ1SFhndWtfbGRJT1pfUnNnMksyVEFqM35B&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YSw7VdoyEBUMwlkpI2j_bpmK9boXJQnWKOFgGpPfRXaQtEA
Request Chain 250
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKR928MPOoVFkQ2hlUx3Rfw&google_cver=1&google_push=AYg5qPKM2AImTlR0pBq_FxQ5u6MR3TmzJ2t5h6GX7EpGSjlkuXS9xGUcbxlK-LvhioilL2gcwHNrumLtniBHVfVlyndKvjptsGbS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMDI5ODQwODExNTA0MjQ1Ng%3D%3D&google_push=AYg5qPKM2AImTlR0pBq_FxQ5u6MR3TmzJ2t5h6GX7EpGSjlkuXS9xGUcbxlK-LvhioilL2gcwHNrumLtniBHVfVlyndKvjptsGbS
Request Chain 251
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPV7l8920FoFMuD589q0iq4&google_cver=1&google_push=AYg5qPJpQ9Ntb7XME_YIv8MQAx7C0eAE7FpVcVh4JACDTtZlv_jlmjI2thQ58AblqJeRA2V9kUsAKgOMopgCYJSMV34S1ebt-4Un HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GQUEZC1eSQq_TfsvX4NHaw2&google_push=AYg5qPJpQ9Ntb7XME_YIv8MQAx7C0eAE7FpVcVh4JACDTtZlv_jlmjI2thQ58AblqJeRA2V9kUsAKgOMopgCYJSMV34S1ebt-4Un
Request Chain 252
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEyxmqULjE7wVsNm4kqTABs&google_cver=1&google_push=AYg5qPKNoiMv6oAgVZbo3S4xOUQyg6E4ZBgEkhah-DlBXpubAai-vbk6Wfjp9iQxdlud-FZeIrmUtAz-rPz5PmhFA9rZSQSaNrVE HTTP 302
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEyxmqULjE7wVsNm4kqTABs&google_cver=1&google_push=AYg5qPKNoiMv6oAgVZbo3S4xOUQyg6E4ZBgEkhah-DlBXpubAai-vbk6Wfjp9iQxdlud-FZeIrmUtAz-rPz5PmhFA9rZSQSaNrVE&checkcookies=true
Request Chain 253
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPIeJVDJoMt9UoFj0mgd7G_2gXmwQdghT8fwvpGABnL8yRTfzA-sgIi7-AvNkzvxbEPIRKzWZEeGj1Va4AWsfrujCx5RMOqJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIeJVDJoMt9UoFj0mgd7G_2gXmwQdghT8fwvpGABnL8yRTfzA-sgIi7-AvNkzvxbEPIRKzWZEeGj1Va4AWsfrujCx5RMOqJ

252 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
obankofamerica.com/ 		108 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://obankofamerica.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.116.74.150 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
150.74.116.34.bc.googleusercontent.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2a2436f5dcc89c67af1d2a188f41976f99a465f93eda716a21682861e8b5049e

Request headers

Host
obankofamerica.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Mon, 18 Oct 2021 07:03:12 GMT
Server
Apache/2.4.41 (Ubuntu)
Last-Modified
Mon, 18 Oct 2021 02:56:54 GMT
ETag
"1ae92-5ce97b291ef74-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
18462
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
css2
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;500&family=Open+Sans&display=swap
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9ad8df7699a0d6ba7186b67fd574c9cb7951b7eac23cb852abe98b7bb515e04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 18 Oct 2021 07:03:12 GMT
server
ESF
date
Mon, 18 Oct 2021 07:03:12 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Mon, 18 Oct 2021 07:03:12 GMT
2a946e2a1e9a7ada66f89de5ee9ec659.css
www.motofichas.com/media/plg_jchoptimize/cache/css/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.motofichas.com/media/plg_jchoptimize/cache/css/2a946e2a1e9a7ada66f89de5ee9ec659.css
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.98.176.31 Arganda, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
vl22333.dinaserver.com
Software
HTTPd /
Resource Hash
7aac57c1e43998c8b833a07f48474fbf7d51f81b87ea2b2ff98eff177a0436df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81253
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
8252
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
HTTPd
x-frame-options
sameorigin
expect-ct
enforce, max-age=21600
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, public
accept-ranges
bytes
expires
Thu, 15 Apr 2022 20:00:00 GMT
logo.png
d13tq2cqmxyt15.cloudfront.net/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/logo.png
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
5ef3d77067143b374e45165a5b091a8ba69a6ebdda4bf9d8e5b6ce9cd8afbd35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 11:31:21 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
3551253
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
2205
x-amz-cf-id
P-q5f4eGwhYkDMFWjfZOlgztDnRPIa5CjS3ttlB5TpJfxCfnrc4Udw==
expires
Thu, 15 Apr 2022 20:00:00 GMT
l.gif
d13tq2cqmxyt15.cloudfront.net/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/l.gif
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
f9f7d91a866eb82211da55242d79e8db9b1e5f1c904a94017d21a3c95c7cf9ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 11:31:20 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
3551302
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
8108
x-amz-cf-id
m8ho19Z7qpU9q78_YJv4MhxMs9gJEg97ULrJVYf9ZZQEjrk1MNqk1Q==
expires
Thu, 15 Apr 2022 20:00:00 GMT
search2.png
d13tq2cqmxyt15.cloudfront.net/assets/images/ 		932 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/assets/images/search2.png
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
474b6b6ae9279599a12c5244eabde929fc536446c6a539192244b3c18898981a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 12:34:24 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
3551303
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
932
x-amz-cf-id
z9BZvHMdCBvlfP9TWp0HUd_LMUiWPTbkvelALFx-9orqAsDdwoVFqg==
expires
Thu, 15 Apr 2022 20:00:00 GMT
info-red20.png
d13tq2cqmxyt15.cloudfront.net/images/ 		737 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/info-red20.png
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
5faf62169f7da6114f53dd0a157ed71226bf96b65bf32b793787fdf3959eab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 21:37:53 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
3551175
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
737
x-amz-cf-id
XLEsDzQmg5_zy5Lck_8ivARmfmQXK3n0hQqr0VCHP_AXc4b3nXKB7A==
expires
Thu, 15 Apr 2022 20:00:00 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v26/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@400;500&family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://obankofamerica.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 14 Oct 2021 17:06:43 GMT
x-content-type-options
nosniff
age
309389
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16736
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:15 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 14 Oct 2022 17:06:43 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v40/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@400;500&family=Open+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://obankofamerica.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 14:28:39 GMT
x-content-type-options
nosniff
age
59673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:47 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Oct 2022 14:28:39 GMT
921e9d745db782f20bedc5debdb0b116.js
www.motofichas.com/media/plg_jchoptimize/cache/js/ 		140 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.motofichas.com/media/plg_jchoptimize/cache/js/921e9d745db782f20bedc5debdb0b116.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.98.176.31 Arganda, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
vl22333.dinaserver.com
Software
HTTPd /
Resource Hash
5cd30a5ea630c5918b368d97e660bca26c52060476052172f655a9b12e1a5884
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74072
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
45728
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
HTTPd
x-frame-options
sameorigin
expect-ct
enforce, max-age=21600
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=216000, private
accept-ranges
bytes
expires
Thu, 15 Apr 2022 20:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.motofichas.com
URL: https://www.motofichas.com/media/plg_jchoptimize/cache/js/921e9d745db782f20bedc5debdb0b116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
2d83ebac8aaf7b702dfb804ef1b8000fa7caedceda307ff0ceecd7fb0680213a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 108 of 1000 / last-modified: 1634523407"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27167
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:12 GMT
01-honda-pcx125-2021-estudio-rojo-210-150.jpg
d13tq2cqmxyt15.cloudfront.net/images/cache/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/cache/01-honda-pcx125-2021-estudio-rojo-210-150.jpg
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
b29507fb6668637b13c34941b74ef9fa939afcb554204dbef9dde887f7ff2d3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 18 Sep 2021 09:42:10 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
2598193
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7756
x-amz-cf-id
b_YOMN1S41r-NNi83Sulldgj69m2LWRtSLlKyBWJIR5m7GbH5Dbg7g==
expires
Thu, 15 Apr 2022 20:00:00 GMT
01-honda-forza-125-2021-estudio-negro-210-150.jpg
d13tq2cqmxyt15.cloudfront.net/images/cache/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/cache/01-honda-forza-125-2021-estudio-negro-210-150.jpg
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
7b164b55d923436d57a934eef56e099b3eaf4cc638e22a377ae768c9faf3a696

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 14:58:28 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
2481860
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6863
x-amz-cf-id
6j3upaMJK4qlOoG-ZjNCiaMu_aGecjwLcRMdj1Sg6xl9Cdd6ymzi1w==
expires
Thu, 15 Apr 2022 20:00:00 GMT
01-yamaha-xmax-125-2021-estudio-icon-gris-210-150.jpg
d13tq2cqmxyt15.cloudfront.net/images/cache/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/cache/01-yamaha-xmax-125-2021-estudio-icon-gris-210-150.jpg
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
5ef9e96ddb990925c293831963f2b5da6a29232cba2540c1126ded87c95f80e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 14:33:51 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
2367976
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7623
x-amz-cf-id
sAZXHpBuFFDaWJ-shrTS3ATP8jsCiQ6IbKOq18NbUHSHwZpV2Qz0aA==
expires
Thu, 15 Apr 2022 20:00:00 GMT
01-honda-x-adv-2021-estudio-rojo-210-150.jpg
d13tq2cqmxyt15.cloudfront.net/images/cache/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/cache/01-honda-x-adv-2021-estudio-rojo-210-150.jpg
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
29ae43f03b8f5eac942435f29a69b933105b6245ef692b91e1bb5f1f7d08d822
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 13 Oct 2021 20:58:32 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
424287
x-cache
Hit from cloudfront
content-length
8021
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
HTTPd
x-frame-options
sameorigin
expect-ct
enforce, max-age=21600
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
uQNbRUaoFHLuEQldd8RlmXFNbXQrDQPZzbUQfCCreK3KWU5fL3-X8g==
expires
Thu, 15 Apr 2022 20:00:00 GMT
01-yamaha-aerox-4-2018-perfil-gris-210-150.jpg
d13tq2cqmxyt15.cloudfront.net/images/cache/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/cache/01-yamaha-aerox-4-2018-perfil-gris-210-150.jpg
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
7885d5344938dfc178f8b521a7542346f7e2db1bd0cb0ff5e36dce9f81eceb75

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 14:06:58 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
2504298
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
7590
x-amz-cf-id
QP94Hn9ITXvzGAgn_NMeEs0bAOe-P7ZCck6OMRbTI3qP8CBPSJnjWA==
expires
Thu, 15 Apr 2022 20:00:00 GMT
01-yamaha-nmax-125-2021-estudio-rojo-210-150.jpg
d13tq2cqmxyt15.cloudfront.net/images/cache/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13tq2cqmxyt15.cloudfront.net/images/cache/01-yamaha-nmax-125-2021-estudio-rojo-210-150.jpg
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:400:4:4f50:1e40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
HTTPd /
Resource Hash
5775b8862843b70917777ecfc11a069e866aec6d7a6fdede172edcf9e862f843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 14:33:54 GMT
via
1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server
HTTPd
age
2305758
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31449600, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
6986
x-amz-cf-id
cpKfWxrt8QbP-6NjsnZrJVBp-QhTba0UCpyvb4QfBcxxAhO7rkpD0Q==
expires
Thu, 15 Apr 2022 20:00:00 GMT
pubads_impl_2021101301.js
securepubads.g.doubleclick.net/gpt/ 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124741
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 08:34:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:13 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		37 B
77 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=obankofamerica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
adacfff51021fd65f61cf89d5bdb7432993df747dc92b8c327ab4afc6114f858
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53
x-xss-protection
0
expires
Mon, 18 Oct 2021 07:03:13 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.motofichas.com
URL: https://www.motofichas.com/media/plg_jchoptimize/cache/js/921e9d745db782f20bedc5debdb0b116.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
977
date
Mon, 18 Oct 2021 06:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Mon, 18 Oct 2021 08:46:57 GMT
googletag.js
www.motofichas.com/templates/motofichas/custom/js/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.motofichas.com/templates/motofichas/custom/js/googletag.js?t=1634540594209
Requested by
Host: www.motofichas.com
URL: https://www.motofichas.com/media/plg_jchoptimize/cache/js/921e9d745db782f20bedc5debdb0b116.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.98.176.31 Arganda, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
vl22333.dinaserver.com
Software
HTTPd /
Resource Hash
a6828bf9516807c892a64abe314658777c36824e910a9fb5e6ab31070084b796
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
1983
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
HTTPd
x-frame-options
sameorigin
expect-ct
enforce, max-age=21600
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=216000, private
accept-ranges
bytes
expires
Thu, 15 Apr 2022 20:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1599270958&t=pageview&_s=1&dl=https%3A%2F%2Fobankofamerica.com%2F&ul=en-us&de=UTF-8&dt=%E2%96%B7%20Motos%20Nuevas.%20Precios%20Ofertas%20Informaci%C3%B3n%20y%20Opiniones&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1281164437&gjid=1783660530&cid=531716827.1634540594&tid=UA-11325747-1&_gid=1469405003.1634540594&_r=1&_slc=1&z=186896329
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://obankofamerica.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://obankofamerica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-11325747-1&cid=531716827.1634540594&jid=1281164437&gjid=1783660530&_gid=1469405003.1634540594&_u=IEBAAEAAAAAAAC~&z=1674480523
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://obankofamerica.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 18 Oct 2021 07:03:14 GMT
content-type
text/plain
access-control-allow-origin
https://obankofamerica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-11325747-1&cid=531716827.1634540594&jid=1281164437&_u=IEBAAEAAAAAAAC~&z=650652510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-11325747-1&cid=531716827.1634540594&jid=1281164437&_u=IEBAAEAAAAAAAC~&z=650652510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=obankofamerica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=obankofamerica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1925269093006967&correlator=2841474379428597&output=ldjh&impl=fifs&eid=31063192%2C31063201%2C31062524%2C31063128&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=121029794%2Cnull&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=980x250%7C980x180%7C980x90%7C970x250%7C970x90%7C728x90%2C980x250%7C980x180%7C980x90%7C970x250%7C970x90%7C728x90%2C160x600%7C120x800%7C120x600%2C160x600%7C120x801%7C120x600%2C450x306%7C360x291%7C360x250%7C300x450%7C300x380%7C300x300%7C320x450%7C300x600%7C300x250%2C450x306%7C360x291%7C360x250%7C300x450%7C300x380%7C300x300%7C320x450%7C300x600%7C300x250%2C450x306%7C360x291%7C360x250%7C300x450%7C300x380%7C300x300%7C320x450%7C300x600%7C300x250%2C728x90%2C728x90%2C728x90%2C728x90%2C980x250%7C980x180%7C980x150%7C728x90%2C300x50%7C380x40%2C1x1%2C720x489%7C300x250&prev_scp=pos%3Dgiga_1%7Cpos%3Dgiga_2%7Cpos%3Dsky_izq%7Cpos%3Dsky_der%7Cpos%3Droba_1%7Cpos%3Droba_2%7Cpos%3Droba_3%7Cpos%3Dmega_1%7Cpos%3Dmega_2%7Cpos%3Dmega_3%7Cpos%3Dmega_4%7Cpos%3Dmega_sticky%7Cpos%3Dpatrocinio_equipamiento%7Cpos%3Dskin%7Cpos%3Dsekindo_banner&cookie_enabled=1&bc=31&abxe=1&lmt=1634525814&dt=1634540594371&dlt=1634540592427&idt=773&frm=20&biw=1600&bih=1200&oid=2&adxs=264%2C264%2C-9%2C-9%2C1014%2C1014%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-9%2C800%2C-9&adys=329%2C10445%2C-9%2C-9%2C675%2C10555%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-9%2C11866%2C-9&adks=1274268220%2C1274268221%2C4101346191%2C897131000%2C429097107%2C429097106%2C429097105%2C2988698727%2C2988698726%2C2988698725%2C2988698724%2C2871994391%2C113799941%2C3083565797%2C3274725072&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fobankofamerica.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1072x11569%7C1072x90%7C0x-1%7C0x-1%7C322x-1%7C322x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x11956%7C0x-1%7C1600x11956%7C0x-1&msz=1072x250%7C1072x90%7C0x-1%7C0x-1%7C322x-1%7C322x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1600x90%7C0x-1&ga_vid=531716827.1634540594&ga_sid=1634540594&ga_hid=1599270958&ga_fc=false&fws=4%2C4%2C2%2C2%2C4%2C4%2C2%2C2%2C2%2C2%2C2%2C644%2C2%2C4%2C2&ohw=1600%2C1600%2C0%2C0%2C1600%2C1600%2C0%2C0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C0&btvi=0%7C1%7C-1%7C-1%7C0%7C2%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C3%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4066fd0a04b8661675e82a7f4d2ee8f19f1b56c75ac9e3f566c70d3f145039b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15751
x-xss-protection
0
google-lineitem-id
5801917870,5807257874,-2,-2,5805294174,5805306681,-2,5807257631,5806526047,-2,-2,5807257634,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138365898902,138366654399,-2,-2,138366652725,138367080919,-2,138367086508,138366648120,-2,-2,138367150454,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://obankofamerica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D2D8 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:14 GMT
expires
Tue, 18 Oct 2022 07:03:14 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5938 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:14 GMT
expires
Tue, 18 Oct 2022 07:03:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9320 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:14 GMT
expires
Tue, 18 Oct 2022 07:03:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E22 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:14 GMT
expires
Tue, 18 Oct 2022 07:03:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 76F4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:14 GMT
expires
Tue, 18 Oct 2022 07:03:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B17 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:14 GMT
expires
Tue, 18 Oct 2022 07:03:14 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b3e2fc337b32194f1e28751762144baee1844b0b69c8f1fe43a2317d2efa4e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8530
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 07:03:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame DC6C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35433
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D733 		783 B
997 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
77853315d2369bcb8b22545cc192f72f62aa912ea6a5a708782c0463ddaeeaaa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hoRG+nMdjQ4kqhZuQGIJhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://obankofamerica.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 07:03:14 GMT
date
Mon, 18 Oct 2021 07:03:14 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-hoRG+nMdjQ4kqhZuQGIJhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
pagead2.googlesyndication.com/bg/ Frame DC6C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 08:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
80548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13301
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 08:40:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D733 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101301&jk=1925269093006967&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101301&jk=1925269093006967&bg=!ZmWlZSHNAAao6lBpqOo7ACkAdvg8Wsv1BKevo44eiQysvIvRkKC9QbiyyPBhR6nhZoLWFM0V-uG0dgIAAABnUgAAAAxoAQeZAskCGArxEMtolv4AujocHlBB4o_bXrawZi5lL1-qdZ5_9STtJxrdbQsKPGHP1Y8SC5eOVPxKKMxzo0trzfznFSrmNJtS-GXeRZ4hnKx-uSsMCxnYQ5FiMAHGwreKHQ0hLWq9Vp3vf8b7sp2bYw-n14Q0Jl3qNnbmR82GNvyv6iFuEXMR5QAupPXZJ5PeYOkhaGhYkCe1OQM9eJGDYHFM7X_2xtbHccr9Q6xQzOUVX4XUmyVW0hqF9red81cEpj_E0d_6hKaJm424EkL66zmR_XcG3fDFNb8J_XzyfATP4SP3zobnNomC-M-ookdp-oU92hA-j0bKTkjxKtF6JppD0TOqhqZT6Bgqr4RXhuYowdqi4I1HVVB3LBvZywxG70p5aYxzByDK1ocZq2HIB3DZKYMGFYfm1BJXQwNnXOzZOokIS8766qzcSe9GL8b7faUocmLv3TqB_MjhVXn_K6SBQaQClBFC4rLPiOOsy_Quulc91Gn2bIXWXBDQ1yOg8XfpQmEMNvl0eeQdib9BPbunUOuGoiyAK-DI4VMYHKmGIX1OLPiGHQF_7uv-xt-pJHDq63Xax_heWR6g3VKZECckiiOnmM3yTF7JCoGKFdOLilI6jLnhVATJxJp3-es3m50xK7QO3xdo11EV1H-m8qToOyj_Eos0bJziFu2IbdgZzYiMMSO1JgMa--RayL-6wLN-nlEb2LWXB80ArcUi27Z2SnNqk6pkoECoIsiv0ZhPYaEX_rPtcSIzY69ObBbnLyeiGvcQyhSoZbAd6RRphvjQmvnfuAB7FA9nTzLwuGT7DBzMRZmFGvydaV4nGcz3C7f6WCX8YWRFkAtjByPRUMV0bIUMhUfVNQ8D8J_Qyufyx78Nm5yeKCYl0r5g1_kQnkorM-UXkrnJwCvpsBYSNdJKvMaOHGidT2Km6h4Hthj0VWsPz8_mde6YTUmEGg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://obankofamerica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5938 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Oct 2022 21:12:40 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5938 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 07:03:14 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 76F4 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Oct 2022 21:12:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 76F4 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
aaf2f7bc90cc29a453bd07229397a5124581a75d0f0675ca3cf87c051fcb6813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 645 of 1000 / last-modified: 1634523407"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27168
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 76F4 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 07:03:15 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3B17 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Oct 2022 21:12:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3B17 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
2d83ebac8aaf7b702dfb804ef1b8000fa7caedceda307ff0ceecd7fb0680213a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 100 of 1000 / last-modified: 1634523407"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27167
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3B17 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 07:03:15 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9320 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Oct 2022 21:12:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9320 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
b8d0686fa3b6082b3e684c5925dc585db636154775e3e8eba399ad46b878430a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 508 of 1000 / last-modified: 1634523407"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27148
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9320 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 07:03:15 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2E22 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 17 Oct 2022 21:12:40 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2E22 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
aaf2f7bc90cc29a453bd07229397a5124581a75d0f0675ca3cf87c051fcb6813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1018 / 613 of 1000 / last-modified: 1634523407"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27168
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2E22 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 07:03:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5938 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIVvu5duP7PEuLcckByjN9VFlHptquaXpHidiDgahBIT_TexI2UkOIDbvAD_FD5qzXRB4VW916s9DZPbosSC4oaXip41gklubs0EYJGGdYrv5pBscT04HGXTRc7Uu6c0eDhRDeSHs-1D38eG9gZa8b-ZiKzfcLfcwk7P6KfleIemZXvyoBOQnFhr_EWs2c1GXOxZQLw1Mt_a5-U5c3992CGR8kpu7WadpHMROpsVTMciaIYcBiNg4r4Cf0xJhNQlDlN62GGmJBr1l6KHtQryyhmO7n9pEUV278tlIYWIxC5wwrIm5pLhnzhpAFt24PQN-eFyyzk6pU4w&sai=AMfl-YTsp1I8Waqo0RVwOYGTKPR0vFsw8U4RVt_TywjExZ2RbegEyOENsqZwXfrB8Lob5xG3aXt0broYQGiMOT__aH1Kl_nLp5SZAc1nzaYZRrash8-6enbPGLTfypyy73fq&sig=Cg0ArKJSzPlbvLS5AfbBEAE&urlfix=1&adurl=
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 07:03:14 GMT
videobanner-desktop-seat-mo-125.mp4
www.motofichas.com/videos/ Frame 5938 		199 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.motofichas.com/videos/videobanner-desktop-seat-mo-125.mp4
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.98.176.31 Arganda, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
vl22333.dinaserver.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1080557/1080558
strict-transport-security
max-age=31536000; includeSubDomains; preload
Content-Length
1080558
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Oct 2021 10:03:53 GMT
server
Apache
x-frame-options
sameorigin
expect-ct
enforce, max-age=21600
vary
Accept-Encoding
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Oct 2022 07:03:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 76F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLlQYWiRoOyZacLo3JBxMrBr-TU6SUP9FhD-B6ifWBLrWcZY3RYTeGPexPRl-uEtlU8Y4fTNRKYjZa9Ih6_MIFfEv-oRcE48TlxXeGjFHhzXbs_3w3_vuyOS7qCLQAg1fB_I4EpmVmX7BNQ0SoNoddNb_vMlXshduL8FkFiX9JeCk4lG45q3z-Kh3548pkGO4MRBtxSYduc-FcdI6l0iFaWLk9q_Bc24Pfq2QWGTEy_3KuSVHD2sTZ1Z3-J_IZDjxgY77B48IUMWNETYSD7hD7TqJGOyLMK1ak2U4AtroTsbXVLM8vzbY&sai=AMfl-YRu2a4sz3R3WfTZ3bWNmoGrbH2J3FbVr8FkW_vMFKkAzRctNHht9fQNY-WlGMcMdg9KeE6DSND3Mpf-zJYdxZxlZwk34f1riWe7UiQNe89g52b2qrD7jkuVE940o_MG&sig=Cg0ArKJSzI47YOc-n0W5EAE&urlfix=1&adurl=
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 3B17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveBiGk0PgOXHwV7RH3P4e5PguoPbR2ZX9AHZf0yp-7exg-kugyyPD0ursz5AqW0I-qGw-IwVRGSivx0FgQq95IxOX8WEHXkcDC1sft49mvva1kGr7cgYq5X19A0BXV_u4oS0tzFnv_5RibfBqC8pg-G2KU6Bvodw4mYb2fEUfLg2IpPhglCUkalPdVb-rQ5bFEXBC17Cnn-NiG1Arlp1bcProKlCp-QHF6Hes8s4uQjoLcP-d2jHGiggrZEZNY2BXccOcYFXaVUsi4ZGMm2ebMULbUYM3l2h1j9AYiLIZc2CmhgsuGUwm9oOfqIHRTpqsAg7oJfQ&sai=AMfl-YRbqPGki8ke2tlCPMZPUV8CcIZhirh_m9oQsZQJMOab223su2WeY8eeK_felvAzn1r9zjfzziHXkDygr3U2WeBvNB0eAyankVvaks-9Tv93SIcCYIO1uy6dJHawrhGx&sig=Cg0ArKJSzAtcRfg9nVKGEAE&urlfix=1&adurl=
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 9320 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDMsQvUlXbK9Xda-59jAedUZSqgzGVq71OzM_RPlxdg7_M4uKTPQR_4mqFLiwRKix7maGSY_18nkTtmfi1tshBsaMYco8zGzJPGvE5n-jmKTGh1itVkXR_jVyS8GDupyMuSW1fO-EPO-ZQNvO8davqG3QueJ-8c2nqHm3y0SKK9wZn38zBJWqUR-EvoKD1OtpJ0-0LAPSgsKYQ4UIGuDrKOEVUSq3Q0qfsn9wfN85zqKVU1ZhawVE5IsCwhtO8MkadNdGiQJWOrNH4dsZCA_jWMxbz5thJoKgp2Dl3MncoLcRVHpC2MjY&sai=AMfl-YS0MtLkXvtePuQuBKKblFqyV6A5nqJ6r866GU3nq98kFg1k68n8B3HZ5rJfLThRT1VJLS4hLXj1gIqHNoG0mUJJyuJWi58yXxYf3rIU25T6EOvIYCvQFWmUIROErRS1&sig=Cg0ArKJSzAmypIIr5xItEAE&urlfix=1&adurl=
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 2E22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCdHchBNfD_fYh0wLaSK5NZqTzKcyd4BAMddFOhlTXmBS9FOfDBLebrNvcTVBOcm87NkhjdxY0QS_GEuxSszZQeQRB9GzWUPsN-EV_pWZSUPSPfspLIftYbFz-CK7WwqKZiqIduEzfvxOdm9rRoFvDxlgy3P2EFT2lxxS32irAuHNleXYf_i1ieOwLTmoPwow09cL_4fihD28XluIvJhGcUgVyXhQOjJlWSYJAA_r7P5eUEMDgl7hqV7sYyXy-Mtk7C8k2OIbaGydt-54UQhZ7MGcO2StLAZj3VEbOi4EFWlUuJ5L7dF4&sai=AMfl-YQr2gpEAYXd-IyASdvynS9pZKw9YZbIKP787IfB7rIYwJfuNG-uGVkHO1FoEToSy1NnMRPapPwQPngXcFJYM_XG6rRK31FlfRNoMtqEEphz7jbpt8Gup8sTq3M0RWyd&sig=Cg0ArKJSzNEkPXTtGDBsEAE&urlfix=1&adurl=
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pubads_impl_2021101301.js
securepubads.g.doubleclick.net/gpt/ Frame 76F4 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124741
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 08:34:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:17 GMT
pubads_impl_2021101301.js
securepubads.g.doubleclick.net/gpt/ Frame 3B17 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124741
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 08:34:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:15 GMT
pubads_impl_2021101301.js
securepubads.g.doubleclick.net/gpt/ Frame 2E22 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124741
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 08:34:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:17 GMT
pubads_impl_2021101201.js
securepubads.g.doubleclick.net/gpt/ Frame 9320 		361 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124532
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 18 Oct 2021 07:03:15 GMT
truncated
/ Frame 5938 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
708f3e65df746ce52aa2da4458ba8227142afcf4f7c604404faa97fb1c7edd01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 76F4 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be6026ee43686dc089b8ce4dd9a9aa72fb28a2a53cf800e9997ba50c0587c276

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3B17 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
72332ed8866e479889aefb2b570a7007f5b64d8ade2bcea3879a2622a7f4d660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 3B17 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3B17 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3B17 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1392327008043604&correlator=2072231534367544&output=ldjh&impl=fif&eid=31063192%2C31063213%2C31062525&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=22315401138%3A121029794%2CMOTOFICHAS%2CMOTOFICHASMX_DK_970x90*_DISPLAY&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&eri=4&cdm=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com&bc=31&abxe=1&dt=1634540595109&dlt=1634540594903&idt=194&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=980&ish=250&oid=2&adxs=0&adys=0&adks=1751143830&ucis=b83065v8n6wg&ifi=1&ifk=1383766350&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.motofichas.com.mx%2F&loc=https%3A%2F%2Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&top=obankofamerica.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=980x0&ga_vid=1854481582.1634540595&ga_sid=1634540595&ga_hid=34198259&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
17d1cf42245d2ef2eba8dfa67ca52099000b92e9435cd9d362cb0b527f1e61ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8537
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7341 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:15 GMT
expires
Tue, 18 Oct 2022 07:03:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2E22 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb32c92a0a5ec78418491f41e27687cb5d0c501665badf278ab5496c733e5914

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9320 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9cd51539b72e46d024a93b71ef9e2d45ae8c2d575b3481c2fc3eccb2d552153c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.de/adsid/ Frame 9320 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9320 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9320 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=824056060162544&correlator=3005250610249344&output=ldjh&impl=fif&eid=31063158%2C31062525&vrg=2021101201&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=22315401138%3A121029794%2CMOTOFICHAS%2CMOTOFICHASMX_DK_970x90*_DISPLAY&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90&eri=4&cdm=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com&bc=31&abxe=1&dt=1634540595185&dlt=1634540594911&idt=250&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=970&ish=90&oid=2&adxs=0&adys=0&adks=3116657724&ucis=1qun12o5b6ni&ifi=1&ifk=1622016510&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.motofichas.com.mx%2F&loc=https%3A%2F%2Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&top=obankofamerica.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=970x0&ga_vid=1799475381.1634540595&ga_sid=1634540595&ga_hid=1618272370&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
552109b217566153d7b6af5b791a0cc4b6265a1946afcf15b6de62f3476baee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9319
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8AF0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:15 GMT
expires
Tue, 18 Oct 2022 07:03:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
videobanner-desktop-seat-mo-125.mp4
www.motofichas.com/videos/ Frame 5938 		31 KB
32 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.motofichas.com/videos/videobanner-desktop-seat-mo-125.mp4
Requested by
Host: d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
URL: https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.98.176.31 Arganda, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
vl22333.dinaserver.com
Software
Apache /
Resource Hash
59ed0d781d748658f0995fbeeafdcadf81122cafb6854faab8d03289cf7cc863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=1048576-

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
Content-Range
bytes 1048576-1080557/1080558
strict-transport-security
max-age=31536000; includeSubDomains; preload
Content-Length
31982
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Oct 2021 10:03:53 GMT
server
Apache
x-frame-options
sameorigin
expect-ct
enforce, max-age=21600
vary
Accept-Encoding
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Oct 2022 07:03:15 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5938 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0B-NHtjmhOYL22eMpiVkDWN07hSfat9A4sqZNJKcOG7Ke6DDhn7eZsv_Oe8Ts_7oP0wHvHFDd2s_vyEVH1XflKYrQ9_B38ATLBELtObDDxlmmovmw3KAcjMZ2ms4bY0jo6pfeaybvr-Bo8pJOnF6nXbihESMieXe5_gabvgLYDaYpD3kB4zxTiCf6-uTXFbXCag--6RU0Rl1niNCZYDP_XKno_haevgEpSA7o38hsmCWYQxucLJvWA8fuHEEbS2CLQwBlD6DbN9KAXIGwf9U3YO9rF2QjphbV4RrbbUpWY6ZNBowLsja0VjSYjw&sai=AMfl-YSr0b94x9q7GWuIdIroTtcLJnWf6o1vzFrFbuDaw-M825kmmis8DaQJVSREqjbG5gqBYjASiJTfuWBsT7QsmHUpvrtn-bbwZeFSyQf5P3t-3YK42WB5gUxzOM6j_Pjm&sig=Cg0ArKJSzOgOrPI_lDftEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 07:03:15 GMT
container.html
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C88 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:15 GMT
expires
Tue, 18 Oct 2022 07:03:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame C9AA 		624 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjR9d-3ATAB&v=APEucNWX_5SxWfFZcIAx6figP7Rk75fwbWxugZ7Xw7hoAi14wNDZ_kttZi0MgDoEEYBdI89ASUL44huvwm5XkxS3JKtJHIhqqj3lOHNzXrI068v5BNYgRJo0co6pR_bDqVsrL9jkFkqUgaWE6lpM1jdePto1yYuT-2o9Owj_O5sH5xmEbwbp6io
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMX_6gIQ4KTvAhjR9d-3ATAB&v=APEucNWX_5SxWfFZcIAx6figP7Rk75fwbWxugZ7Xw7hoAi14wNDZ_kttZi0MgDoEEYBdI89ASUL44huvwm5XkxS3JKtJHIhqqj3lOHNzXrI068v5BNYgRJo0co6pR_bDqVsrL9jkFkqUgaWE6lpM1jdePto1yYuT-2o9Owj_O5sH5xmEbwbp6io
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmDoamMcuKkNE3MfS1rwJzFe2mOmjXAMfAGQ2f5RvdzEQvAh4sPdZAiKbHhgz0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 18 Oct 2021 07:03:15 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 6C88 		71 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhuXeZNMKKxOBOeJjLufkTax0ksnKg0azsatG7xVss_7HU1-xhEWZKx-FIZGIwIcces_-Piia1aanIxx1nedtpQZd8_VjTWBi9TAWDtEdOsRtMhWSwgh8DYeCRAKUph8Ugy7AejkOta8Y1VUAa3js0VV6pzg&dbm_d=AKAmf-D7swroVS8JyyLv1edKFWN9RLjsQcjgz4-8ZV1JYSpe8NDR0ekaTT2nBzdHFptG2v5sYtrbWksDhrS3w1-dtnQfxTbE_yhS6AYd1JcdLxwdbRH_T3waMg0z5YewRmnkotE0c3OA3rUGSSpFZF5gPdQcga-XCJohAt1yANwaXwQw3HjBxLcXVkDS9K7kpeRfAF9lJ5hJnA5Jg7lgbYWFfEaYM25J9xzF4dO_AsHwIl4SZ-3GhW0bIjNdvR3WczUc6DHD0uphxqzz61mDbPaSTEwIVjW89pdPuB3mkB1MpADjHBVH-BzU9nVuSKWjW_S-4N7UxDiT4bGInomUpUZf97vyLmdWHvoBj25jbnj031-e5WbK2PL0RnNR23yHV_TQXUvHmshO8PFZ57I7pMEkQNtVK-k5ZUrQSrD909eM_8ENw397DAMqMN9Mue7ocbYca5vxeQygpA-Gj8Qfu4V5INlQPDMJxgdbqjV92aV4dwve4_d-6ieTg7jjFY67pvS87a_B7bDJ4LxmCtFwVaqFGEwmxAZH-HTq8vDENEsytcE4G5kaOpGlG-H5zyWD5rJ8ZeJotTIbRJ39OGT9hJkYuDBQfYG8u6o6WInR6dNE_LmhAgVWlQqLaQLsNSnJ9OWvFdR7Tzy11EOqTfG0ahR5-b1N1SHH1PUlZhr6t9pj7PDDlp-x2vnMbOcS4lt5i2A7EobkM7DvhRwbm-2Qzxg6BSz0NCr12G3JHmyjIulMmuiBGOc06vT86qyuE7EspKCxT3xVICGxkMYoAU9suKBC3C95uO00c1mt5ETeTRV1WyhLXvFC9-HGIioeiF9riHgWvXXi4Ro1NKbTbX0tTyAe1cA85MeHT6owgiEgXwIeHu77xyOeEp22ofD_s8P-o655MI2B1SVJGmaPmbdSEXu-kRTTxQaV-qDPcKGSprdsl5QmDSdEIZP1leQ9i34I21aXrbIlmqxojdtJ59aU-THvi6Pk6Uv0HZtMBLIQYbRqfX_8AOxa8yx9Jk4r_B4b13dGokB4M5_HR_KR22cFW2a1r1Wr_PLWR4vYcTjvUdnVCaSdOTfgvSLQqhqj0KvVnqAJCZS-A2zeIZCXUdyeortxcDryYsOSsKHwjPl23JsQjmCnM_5VZndoJKQZvrsxK3XmlcsacNiFVenhwCoqPsAsf0OK4FzzZ-m9Nqe88qaONcE9UA6ig7VCwmU2KdhRtadW-UBvkxo6swMMuvWtJAfFh4qJ6mBOOk6kyGOz0HbI4h-TyLU2kyLDnjENhKZDkwBAZc_mx26aWqmkOpwSxPQOJZUEzvlxnaFULQNZJ4x1cR_1llVuIlR076R4IiLh7NWVo29s4__MRsNOMt-wQXGVvrLG-YQ8XERKzfrv1xFZjrxAFT05DX5HT8SRUIt8sXdBgynO2YRxmkhrl83bdiejJt3feFaercGbp9caa_3Xjgrx-IT0y78Lq4L-LDSdaZIAaBkoIp-l0P6o0ExXR2lLvAOTDg_RbyOwBYjApStUfdg9NowjAgxUzgvIs9U-D6MC26FOYh8O004TMRC15ajFuF7I78tIsl1q2G50YU37gSf3vwZq2omDfAi3Y7_tmyjEKdgdclC1j0YdvwE5SLPtwgOmJzVpCuPDevsqYjYRUYd5INrxO9OA5mIgPNKKDcqUIfF5_z0UT2GakkYeDsNDNXGi2ThNltrVCgn93WjW9VLArZGu_tkpbYyFqh_dRFyzeCXEWUwniemhjGfRUhqvszvm_rCXibMdk2P3ilNSXTVCG7Df7f17sMo_ThSebFQx9yHli-_2NSKXObqpZSwauDx6JmBbmdpN5uDlheDhqMOjTyWSdxFb8PgDA92nfqWPn3TAYNjAOc4r5u2d9nvogbf959ipPX-YHAEVHFmElcYg_AoztMP35PfrzcUZBvG5nzHFV4DNVCkR1gnTEYB3wrgwJCQBl7xvXc3UyInqOzj0Qi1LgX4sJemO-9ALE6n745wkJdTnTxtKbW9iLQGEd5AOp41xIVQD8UJZEEJikPUV--UndnGdeHhJR8Q7jGGpUm2pPVfTihOayLV9uCyULC2_DUSr8PsCg3uv3GyCgtwfGC_oCxZ6nfkDAybkAt6yTJZW3IExP-JNVis-aB1crCmtsTMj0ynfwPxFOa6dADvh83cTgp_pIuy0H1BSiNmO9Am9r1ANKsvd0NGSd3Ab-HkrpEQjfA7tqE52hlSAR3Wg4ku1F5fnDIgllPqTYVOS6GJ1zwm-k7BnsNSadpHYY9r1IFnC8rCjuR9FSpphyieYTR971Tdc2-_LPMZf6o8QdWP2vekUitiZkELH4iw2NhUkTqMxYeYFTa6OvJCSLQsE0ow8DVEIvWxBv6MBeNeK-3k7fukqmXfwi3DUcaTbVlMFMjL4RvtEB-PFECPY2QcjKhHGqnfGR3ebdPORlCJpIqKFKksf-LJDW4VgxGMNlqQRX8z_dH_2WUd8l4jfEXGbBISS9ke_bbMOT38bzs3aC4X3YNHv8tB-Sk8Qx2UtpLF6aH7zq2g0OFJiZky2JB92F9JtQE5S64xNwqVuvvJU2_86n4Bgw8M9ST9A1kFDGfLzGgY3pHA_Gx9tCnfjh_DifaAcWFEf2-vJyxr-2MkGW7AQs0eSxR17BZd1UDFmUfxg3PAqckMY4a45AVne1UNE-pA2PZ5LeicdyP4vzV8QmKGrvLYMx5crlm9JmcrO-878APVk3SB-84yViMiEz0wiejGicazxiQk2EgNTVp04yO3vRAMeHwM9_uQdSkyX2onA7pWe2okXYAYMcNZSREQwjTUJOTDXgscC4E__qzNRG0erweJF_7HIPRCy3pmsvRnkTs-c3k1OCNrEO6pto7Wz4OW61LiPJ1FPqDq9oZhqdjaFPEy3JxpsbWPOElM4_Si7UUm9hp9YrW9XqeNBQkiq8otfyUw7nhYCbDC366BcseuVW9np&cid=CAASEuRosqKbcLGqtkAYMGup01Lr4g&rfl=2%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04bbede4f72508d7a23ac323498251a0002cf62d24d778bbe82bf28f7b412adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29023
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C88 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Au164x13VdVGygKs79DScbcMhMlDxzlEpx2qxZzoq57mOFG_33meSo9p1ndchc160kfTQaDABIzSiSdFyeWg1AO3g_asGnyyyDXh8WVJZd6u3mqaY
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 6C88 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:52:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C88 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 07:03:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 6C88 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:10:22 GMT
container.html
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 21D5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:15 GMT
expires
Tue, 18 Oct 2022 07:03:15 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
express_html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 6C88 		114 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
Origin
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 11:05:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71845
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40185
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 11:05:50 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 6C88 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhuXeZNMKKxOBOeJjLufkTax0ksnKg0azsatG7xVss_7HU1-xhEWZKx-FIZGIwIcces_-Piia1aanIxx1nedtpQZd8_VjTWBi9TAWDtEdOsRtMhWSwgh8DYeCRAKUph8Ugy7AejkOta8Y1VUAa3js0VV6pzg&dbm_d=AKAmf-D7swroVS8JyyLv1edKFWN9RLjsQcjgz4-8ZV1JYSpe8NDR0ekaTT2nBzdHFptG2v5sYtrbWksDhrS3w1-dtnQfxTbE_yhS6AYd1JcdLxwdbRH_T3waMg0z5YewRmnkotE0c3OA3rUGSSpFZF5gPdQcga-XCJohAt1yANwaXwQw3HjBxLcXVkDS9K7kpeRfAF9lJ5hJnA5Jg7lgbYWFfEaYM25J9xzF4dO_AsHwIl4SZ-3GhW0bIjNdvR3WczUc6DHD0uphxqzz61mDbPaSTEwIVjW89pdPuB3mkB1MpADjHBVH-BzU9nVuSKWjW_S-4N7UxDiT4bGInomUpUZf97vyLmdWHvoBj25jbnj031-e5WbK2PL0RnNR23yHV_TQXUvHmshO8PFZ57I7pMEkQNtVK-k5ZUrQSrD909eM_8ENw397DAMqMN9Mue7ocbYca5vxeQygpA-Gj8Qfu4V5INlQPDMJxgdbqjV92aV4dwve4_d-6ieTg7jjFY67pvS87a_B7bDJ4LxmCtFwVaqFGEwmxAZH-HTq8vDENEsytcE4G5kaOpGlG-H5zyWD5rJ8ZeJotTIbRJ39OGT9hJkYuDBQfYG8u6o6WInR6dNE_LmhAgVWlQqLaQLsNSnJ9OWvFdR7Tzy11EOqTfG0ahR5-b1N1SHH1PUlZhr6t9pj7PDDlp-x2vnMbOcS4lt5i2A7EobkM7DvhRwbm-2Qzxg6BSz0NCr12G3JHmyjIulMmuiBGOc06vT86qyuE7EspKCxT3xVICGxkMYoAU9suKBC3C95uO00c1mt5ETeTRV1WyhLXvFC9-HGIioeiF9riHgWvXXi4Ro1NKbTbX0tTyAe1cA85MeHT6owgiEgXwIeHu77xyOeEp22ofD_s8P-o655MI2B1SVJGmaPmbdSEXu-kRTTxQaV-qDPcKGSprdsl5QmDSdEIZP1leQ9i34I21aXrbIlmqxojdtJ59aU-THvi6Pk6Uv0HZtMBLIQYbRqfX_8AOxa8yx9Jk4r_B4b13dGokB4M5_HR_KR22cFW2a1r1Wr_PLWR4vYcTjvUdnVCaSdOTfgvSLQqhqj0KvVnqAJCZS-A2zeIZCXUdyeortxcDryYsOSsKHwjPl23JsQjmCnM_5VZndoJKQZvrsxK3XmlcsacNiFVenhwCoqPsAsf0OK4FzzZ-m9Nqe88qaONcE9UA6ig7VCwmU2KdhRtadW-UBvkxo6swMMuvWtJAfFh4qJ6mBOOk6kyGOz0HbI4h-TyLU2kyLDnjENhKZDkwBAZc_mx26aWqmkOpwSxPQOJZUEzvlxnaFULQNZJ4x1cR_1llVuIlR076R4IiLh7NWVo29s4__MRsNOMt-wQXGVvrLG-YQ8XERKzfrv1xFZjrxAFT05DX5HT8SRUIt8sXdBgynO2YRxmkhrl83bdiejJt3feFaercGbp9caa_3Xjgrx-IT0y78Lq4L-LDSdaZIAaBkoIp-l0P6o0ExXR2lLvAOTDg_RbyOwBYjApStUfdg9NowjAgxUzgvIs9U-D6MC26FOYh8O004TMRC15ajFuF7I78tIsl1q2G50YU37gSf3vwZq2omDfAi3Y7_tmyjEKdgdclC1j0YdvwE5SLPtwgOmJzVpCuPDevsqYjYRUYd5INrxO9OA5mIgPNKKDcqUIfF5_z0UT2GakkYeDsNDNXGi2ThNltrVCgn93WjW9VLArZGu_tkpbYyFqh_dRFyzeCXEWUwniemhjGfRUhqvszvm_rCXibMdk2P3ilNSXTVCG7Df7f17sMo_ThSebFQx9yHli-_2NSKXObqpZSwauDx6JmBbmdpN5uDlheDhqMOjTyWSdxFb8PgDA92nfqWPn3TAYNjAOc4r5u2d9nvogbf959ipPX-YHAEVHFmElcYg_AoztMP35PfrzcUZBvG5nzHFV4DNVCkR1gnTEYB3wrgwJCQBl7xvXc3UyInqOzj0Qi1LgX4sJemO-9ALE6n745wkJdTnTxtKbW9iLQGEd5AOp41xIVQD8UJZEEJikPUV--UndnGdeHhJR8Q7jGGpUm2pPVfTihOayLV9uCyULC2_DUSr8PsCg3uv3GyCgtwfGC_oCxZ6nfkDAybkAt6yTJZW3IExP-JNVis-aB1crCmtsTMj0ynfwPxFOa6dADvh83cTgp_pIuy0H1BSiNmO9Am9r1ANKsvd0NGSd3Ab-HkrpEQjfA7tqE52hlSAR3Wg4ku1F5fnDIgllPqTYVOS6GJ1zwm-k7BnsNSadpHYY9r1IFnC8rCjuR9FSpphyieYTR971Tdc2-_LPMZf6o8QdWP2vekUitiZkELH4iw2NhUkTqMxYeYFTa6OvJCSLQsE0ow8DVEIvWxBv6MBeNeK-3k7fukqmXfwi3DUcaTbVlMFMjL4RvtEB-PFECPY2QcjKhHGqnfGR3ebdPORlCJpIqKFKksf-LJDW4VgxGMNlqQRX8z_dH_2WUd8l4jfEXGbBISS9ke_bbMOT38bzs3aC4X3YNHv8tB-Sk8Qx2UtpLF6aH7zq2g0OFJiZky2JB92F9JtQE5S64xNwqVuvvJU2_86n4Bgw8M9ST9A1kFDGfLzGgY3pHA_Gx9tCnfjh_DifaAcWFEf2-vJyxr-2MkGW7AQs0eSxR17BZd1UDFmUfxg3PAqckMY4a45AVne1UNE-pA2PZ5LeicdyP4vzV8QmKGrvLYMx5crlm9JmcrO-878APVk3SB-84yViMiEz0wiejGicazxiQk2EgNTVp04yO3vRAMeHwM9_uQdSkyX2onA7pWe2okXYAYMcNZSREQwjTUJOTDXgscC4E__qzNRG0erweJF_7HIPRCy3pmsvRnkTs-c3k1OCNrEO6pto7Wz4OW61LiPJ1FPqDq9oZhqdjaFPEy3JxpsbWPOElM4_Si7UUm9hp9YrW9XqeNBQkiq8otfyUw7nhYCbDC366BcseuVW9np&cid=CAASEuRosqKbcLGqtkAYMGup01Lr4g&rfl=2%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:52:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:52:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 6C88 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhuXeZNMKKxOBOeJjLufkTax0ksnKg0azsatG7xVss_7HU1-xhEWZKx-FIZGIwIcces_-Piia1aanIxx1nedtpQZd8_VjTWBi9TAWDtEdOsRtMhWSwgh8DYeCRAKUph8Ugy7AejkOta8Y1VUAa3js0VV6pzg&dbm_d=AKAmf-D7swroVS8JyyLv1edKFWN9RLjsQcjgz4-8ZV1JYSpe8NDR0ekaTT2nBzdHFptG2v5sYtrbWksDhrS3w1-dtnQfxTbE_yhS6AYd1JcdLxwdbRH_T3waMg0z5YewRmnkotE0c3OA3rUGSSpFZF5gPdQcga-XCJohAt1yANwaXwQw3HjBxLcXVkDS9K7kpeRfAF9lJ5hJnA5Jg7lgbYWFfEaYM25J9xzF4dO_AsHwIl4SZ-3GhW0bIjNdvR3WczUc6DHD0uphxqzz61mDbPaSTEwIVjW89pdPuB3mkB1MpADjHBVH-BzU9nVuSKWjW_S-4N7UxDiT4bGInomUpUZf97vyLmdWHvoBj25jbnj031-e5WbK2PL0RnNR23yHV_TQXUvHmshO8PFZ57I7pMEkQNtVK-k5ZUrQSrD909eM_8ENw397DAMqMN9Mue7ocbYca5vxeQygpA-Gj8Qfu4V5INlQPDMJxgdbqjV92aV4dwve4_d-6ieTg7jjFY67pvS87a_B7bDJ4LxmCtFwVaqFGEwmxAZH-HTq8vDENEsytcE4G5kaOpGlG-H5zyWD5rJ8ZeJotTIbRJ39OGT9hJkYuDBQfYG8u6o6WInR6dNE_LmhAgVWlQqLaQLsNSnJ9OWvFdR7Tzy11EOqTfG0ahR5-b1N1SHH1PUlZhr6t9pj7PDDlp-x2vnMbOcS4lt5i2A7EobkM7DvhRwbm-2Qzxg6BSz0NCr12G3JHmyjIulMmuiBGOc06vT86qyuE7EspKCxT3xVICGxkMYoAU9suKBC3C95uO00c1mt5ETeTRV1WyhLXvFC9-HGIioeiF9riHgWvXXi4Ro1NKbTbX0tTyAe1cA85MeHT6owgiEgXwIeHu77xyOeEp22ofD_s8P-o655MI2B1SVJGmaPmbdSEXu-kRTTxQaV-qDPcKGSprdsl5QmDSdEIZP1leQ9i34I21aXrbIlmqxojdtJ59aU-THvi6Pk6Uv0HZtMBLIQYbRqfX_8AOxa8yx9Jk4r_B4b13dGokB4M5_HR_KR22cFW2a1r1Wr_PLWR4vYcTjvUdnVCaSdOTfgvSLQqhqj0KvVnqAJCZS-A2zeIZCXUdyeortxcDryYsOSsKHwjPl23JsQjmCnM_5VZndoJKQZvrsxK3XmlcsacNiFVenhwCoqPsAsf0OK4FzzZ-m9Nqe88qaONcE9UA6ig7VCwmU2KdhRtadW-UBvkxo6swMMuvWtJAfFh4qJ6mBOOk6kyGOz0HbI4h-TyLU2kyLDnjENhKZDkwBAZc_mx26aWqmkOpwSxPQOJZUEzvlxnaFULQNZJ4x1cR_1llVuIlR076R4IiLh7NWVo29s4__MRsNOMt-wQXGVvrLG-YQ8XERKzfrv1xFZjrxAFT05DX5HT8SRUIt8sXdBgynO2YRxmkhrl83bdiejJt3feFaercGbp9caa_3Xjgrx-IT0y78Lq4L-LDSdaZIAaBkoIp-l0P6o0ExXR2lLvAOTDg_RbyOwBYjApStUfdg9NowjAgxUzgvIs9U-D6MC26FOYh8O004TMRC15ajFuF7I78tIsl1q2G50YU37gSf3vwZq2omDfAi3Y7_tmyjEKdgdclC1j0YdvwE5SLPtwgOmJzVpCuPDevsqYjYRUYd5INrxO9OA5mIgPNKKDcqUIfF5_z0UT2GakkYeDsNDNXGi2ThNltrVCgn93WjW9VLArZGu_tkpbYyFqh_dRFyzeCXEWUwniemhjGfRUhqvszvm_rCXibMdk2P3ilNSXTVCG7Df7f17sMo_ThSebFQx9yHli-_2NSKXObqpZSwauDx6JmBbmdpN5uDlheDhqMOjTyWSdxFb8PgDA92nfqWPn3TAYNjAOc4r5u2d9nvogbf959ipPX-YHAEVHFmElcYg_AoztMP35PfrzcUZBvG5nzHFV4DNVCkR1gnTEYB3wrgwJCQBl7xvXc3UyInqOzj0Qi1LgX4sJemO-9ALE6n745wkJdTnTxtKbW9iLQGEd5AOp41xIVQD8UJZEEJikPUV--UndnGdeHhJR8Q7jGGpUm2pPVfTihOayLV9uCyULC2_DUSr8PsCg3uv3GyCgtwfGC_oCxZ6nfkDAybkAt6yTJZW3IExP-JNVis-aB1crCmtsTMj0ynfwPxFOa6dADvh83cTgp_pIuy0H1BSiNmO9Am9r1ANKsvd0NGSd3Ab-HkrpEQjfA7tqE52hlSAR3Wg4ku1F5fnDIgllPqTYVOS6GJ1zwm-k7BnsNSadpHYY9r1IFnC8rCjuR9FSpphyieYTR971Tdc2-_LPMZf6o8QdWP2vekUitiZkELH4iw2NhUkTqMxYeYFTa6OvJCSLQsE0ow8DVEIvWxBv6MBeNeK-3k7fukqmXfwi3DUcaTbVlMFMjL4RvtEB-PFECPY2QcjKhHGqnfGR3ebdPORlCJpIqKFKksf-LJDW4VgxGMNlqQRX8z_dH_2WUd8l4jfEXGbBISS9ke_bbMOT38bzs3aC4X3YNHv8tB-Sk8Qx2UtpLF6aH7zq2g0OFJiZky2JB92F9JtQE5S64xNwqVuvvJU2_86n4Bgw8M9ST9A1kFDGfLzGgY3pHA_Gx9tCnfjh_DifaAcWFEf2-vJyxr-2MkGW7AQs0eSxR17BZd1UDFmUfxg3PAqckMY4a45AVne1UNE-pA2PZ5LeicdyP4vzV8QmKGrvLYMx5crlm9JmcrO-878APVk3SB-84yViMiEz0wiejGicazxiQk2EgNTVp04yO3vRAMeHwM9_uQdSkyX2onA7pWe2okXYAYMcNZSREQwjTUJOTDXgscC4E__qzNRG0erweJF_7HIPRCy3pmsvRnkTs-c3k1OCNrEO6pto7Wz4OW61LiPJ1FPqDq9oZhqdjaFPEy3JxpsbWPOElM4_Si7UUm9hp9YrW9XqeNBQkiq8otfyUw7nhYCbDC366BcseuVW9np&cid=CAASEuRosqKbcLGqtkAYMGup01Lr4g&rfl=2%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 07:02:31 GMT
rum
dsum-sec.casalemedia.com/ Frame C9AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjR9d-3ATAB&v=APEucNWX_5SxWfFZcIAx6figP7Rk75fwbWxugZ7Xw7hoAi14wNDZ_kttZi0MgDoEEYBdI89ASUL44huvwm5XkxS3JKtJHIhqqj3lOHNzXrI068v5BNYgRJo0co6pR_bDqVsrL9jkFkqUgaWE6lpM1jdePto1yYuT-2o9Owj_O5sH5xmEbwbp6io
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 07:03:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C9AA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YW0cM.D-3ic4adcHDntHQgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjR9d-3ATAB&v=APEucNWX_5SxWfFZcIAx6figP7Rk75fwbWxugZ7Xw7hoAi14wNDZ_kttZi0MgDoEEYBdI89ASUL44huvwm5XkxS3JKtJHIhqqj3lOHNzXrI068v5BNYgRJo0co6pR_bDqVsrL9jkFkqUgaWE6lpM1jdePto1yYuT-2o9Owj_O5sH5xmEbwbp6io
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 07:03:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C9AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjR9d-3ATAB&v=APEucNWX_5SxWfFZcIAx6figP7Rk75fwbWxugZ7Xw7hoAi14wNDZ_kttZi0MgDoEEYBdI89ASUL44huvwm5XkxS3JKtJHIhqqj3lOHNzXrI068v5BNYgRJo0co6pR_bDqVsrL9jkFkqUgaWE6lpM1jdePto1yYuT-2o9Owj_O5sH5xmEbwbp6io
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
X-Proxy-Origin
91.199.118.78; 91.199.118.78; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
d58d7a29-33dd-4901-a43a-e989241c16b2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C9AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwODUzOTAxNDUyODg5MDkzOA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwODUzOTAxNDUyODg5MDkzOA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMX_6gIQ4KTvAhjR9d-3ATAB&v=APEucNWX_5SxWfFZcIAx6figP7Rk75fwbWxugZ7Xw7hoAi14wNDZ_kttZi0MgDoEEYBdI89ASUL44huvwm5XkxS3JKtJHIhqqj3lOHNzXrI068v5BNYgRJo0co6pR_bDqVsrL9jkFkqUgaWE6lpM1jdePto1yYuT-2o9Owj_O5sH5xmEbwbp6io
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
X-Proxy-Origin
91.199.118.78; 91.199.118.78; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f110f525-039c-492a-8357-5d1d3e78aa36
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzMwODUzOTAxNDUyODg5MDkzOA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D466 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNUTtC1kC-6F-FVLPF_ct4jlbB1wd552BFLVeth1u2bfh3Sw2AYHNSZvPBl7JhVjPBvmc3MqKhs-nwlOqRHiglwpwNydJZrRV9DlnNa5R_9yNmUdxaZmFNgmYM2BKkn3o81GrA8E9hVJlU62kQRXCEenjnTjncP192GRI-8xLDWL7eH2Cds
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNUTtC1kC-6F-FVLPF_ct4jlbB1wd552BFLVeth1u2bfh3Sw2AYHNSZvPBl7JhVjPBvmc3MqKhs-nwlOqRHiglwpwNydJZrRV9DlnNa5R_9yNmUdxaZmFNgmYM2BKkn3o81GrA8E9hVJlU62kQRXCEenjnTjncP192GRI-8xLDWL7eH2Cds
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmDoamMcuKkNE3MfS1rwJzFe2mOmjXAMfAGQ2f5RvdzEQvAh4sPdZAiKbHhgz0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 18 Oct 2021 07:03:15 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4E94 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DePydXms6wuUweYC4v21GGqhsg671u2YbQdYELnOXAlYMrqq4n3MgIaZoF4c0fR9g3x_Wq-sQrmyQLnfprdceiz_UZJK6NRqYh8_e-zazL26jNejxi7hKHNOEO0M1ZKNBCBZm8IgFJE11SrYsu3UURn4tcnw&dbm_d=AKAmf-CCCNNPb43UVcWARtkwXYXIV-ZhsOoT_H9C-b981UNrpU_9ojd62BHsJqyZ3y6m7oxSHyub5QdYRZXDG93zKbH6o27XGSdhzBCWHoDv3BTTUGhXVvRiH0civ41gEr6heySP8l5NIbcyPmnJ-54ozDXzZX_9QPw5xZJFjZKWP-7jILvDlEz0HvqRVbH46UZ5Z0GLS-0Cob5nWw4XyIqg3Om_IW90S6K_ajOY_2Ogbn8NKkEeOHBa9qSSEbZQJydLGTIst8Ph3uAG2S5dnZ8HKRPZCWvhD-0MxTaquMAeSQS_WDn9Ma_boBB7koRKENwgbYQnfOt8rJWb9l0W3ZfzFOV28IQk_YXrTrlkdBitZOUtdCsCUK12YFpyypnnovgu-1h88kqnL7I6CmUyciBixbldR7qPbdVgkAdHqgM0Hg-htgAbTtjRMCM_AWiftMeKSaNndBc60kLFK8TIDXjMcvu3GgqRF5yyuTgcNcpX3VfzlyNd-fJxY3iNx-qsvO7QCI1LrNy7p7LAPpM0qbjUH9G2wL61AR9dp1YMJpPQjKH6EIWn3UIozYvYCceWSlD9fCJ_KfcH08Xo0PoXlBFsKHJQzDQmFJivReDNgAoeuYzHvYM2t7R9eYrdfwjsLxJOCWEnFIfsdP8sow5pK7dFwNxyK2uqpq21xU2-ErqqArwmgTP26p06anqinJlYSRR3AUBa2gA8F0-6K0yEhR6jCpukveeYPuhyGsjt8acIJ0QmomPzSj19oYUmK0O5n7mUzQX-_qDH7G_oK0VZ5v7XDx1PKFcdjVhrNJ2KsUQIS8f6rlWCNtevlFALdr4WJAbIAzmZMann-8t34zizTKGdIzA2uiAU2jW1wQWEbfglT9RyFSTQOBnITXI4c26BxK5pDZpy93x-CcoOJKOmHXCkG1-CxGLnICROgGLrFeUPDEKbhGXKSl3H12gfFSW69n00jf0LbjsDNYk5iWznoYgnWM0SV5R8drylDebJvglwk9iD96Kstxck8a72XpLsCegBeTC4YpEk3ZOn6XfCrNYy9OCI9TyWrU2fsF6UpuhFiEFiKhGYWoFOaVraR1Wd0iRiKhSE7nq2uhcJVNXxJOCVhSz37vB2Dk5L7YWxObN2BxkLuFwLvCW2OANPPFxWV34h18Ki62WHfOD4lf-TEgsdRMFocQXwFCDkWXMqaN49wYiEXlAOA90YHxGg2kixOrmu8NszLHHLMWDpr2OJfgbIzNlX1zomzL_jfb4stgB66xeO02ZK1aX4P8X37dSYJf4Gf9nDtrocCgBkUXj3Tv6X25GporCvZ-WPPOwHdJDxNuPmaBpMvdN3SITN76sfQM1Cf2Iz1dwjKqFILlBikgNH92zZPDh5kkgtR0Dj1pf14NCm5JBZuCE4Gi6DoGUHXyj_jrZ0_d_NCV7vYvwKsoWTozkbiM3uFkDxJCDMTs4BsG6Lm2T2EuIVCdO7ialmHoXOoMTLP3AHex0loA7EI3mrLfWpt5YswZG-yqoAVJs8X7xPIz2L4MtzQSBO2VpPOBwfZamNzJtxuuWFv7n7JVdezNNNzzsb-XQuQHQuMB7PufdarLtSpM5FtkESdV2f3cfLy1QBvtnfDdDjLhZYyA7NN8UTS8coBCuprfWNezQjNpCLapnaBL45-vm3gxb5J7kU18b_mUNZXDA6gbv-6PFv1zZSzZlpjGoH6VWyxy12PWIkolqkYEMEaVvMa6NAT9SM6xnt80xbLCopJP1b7o2OA9hflZ8OR43j6jTPAb8KnK3he5TgCjFO1dBOgvLBtdRVll1uXXmB0ycgj_UITD6jjtEgPA-ikDH1kisoO5ulHjsfV_7mf4cvybU8bf5BBEaUspK6RRddqXI6o0HcXvRnRoJbJjoqFg0sT3scta8Wf6bB-zEJEz72hNpSMxQr1eOdlA0pwR6uqRRvbJvytyQiqATjErl7sikh37fv2KVOtQwNRhqDuxbM7WA4TimVYibEcVFCNlTYDYPWN-CnsCgGZaLEjy2g2tMOIMjf18OsrRp-b992oBmWDmt6PQIoKrNlaOqWL1YYZaJMnwm5FoDnPsJWepAWbr1rUflWmhJQi_a6Bq1L6P9cH3olb-VVQzHX4OpfJqmFArdJ8OTK1t2Fl-J0AZIbtuUdb-yzNndqhDxVN-6YUy4aHS_0fD0kA7HDcteM3PYsTwmGChPzZb2LxZzKVFNUyGpGdpPbNzF1RY_N99on9XE7jZQnmRWGDgweN3iRMaUb8RnhGRac5_0oYdKO_6iIomBdgEAVdBJEbzD5rjKItSqS7P1kq3xpA3gRbC4O0zQm1ZAsqYIX_xx7nLOMK76M1GSLotC1lB0mdEWDGX4ltUiREYl2oX7CUoSHablVfKqpNGzrSW0WldwurXJpkq399IY3ltEjn6TXqxH6zwduc_UpJySsbossNki_VK2PXq23J5UMMOnGimVqvsLlwNKqgXhRhLbImnyeQiPTU4On_zDaH1rCy7EwddGDepVxaJ9M1mx7HiMMVzUnGxmA9Zxe9vxY_ZNnKojVnHbiYn6W2m0yUxh-kUpmaYC_ZXC3qyj40bVBLPT9HUK1eDQ7jO1FDp3AFVs8w3V-fJfbPgDqGcwa_vxoZezRFmm25GCXjao9ur4Ju_Fxmpxg5LlsVSvXP53wR_szDgz6CvK2bTfE8xFcO-2sCVIlcn7xyuoetuqfI2knKbQb6O9W1WLSvskZkXgtPubLErRgTPGwJzFXbOXRuDPVQvQI_2XdwVxiReuTKe4dc2bleavXnTPITHO8kwue0qecbyf8eiokuzAyqMJuh3HrKnj_kR_DfsC9SA3x6aB5iMCcNqmdyz6KkmB9wELMWcrOefGxAfRlNjs2wURxx5MGqxGuK_EqpQt8SXJj1BrRvIgJgG4OQjwsKiEcmSKDvqMHCaUpzWHH_IN-g9CmEWxEwkfw3M_XA5a0fwrX&cid=CAASEuRoXXpcQB_obfjJkpHmqxtlKg&rfl=3%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
806546a8c77e194561ce4b86c1799765ee57bde30100cdbc22595e5b5422dc6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29754
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 4E94 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
630
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:52:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4E94 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37919
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1634125446224599"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Oct 2021 07:03:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 4E94 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3173
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:10:22 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E94 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CAjY0EerxuYGHr7ew_Xn2Ani-WD0DV-9T1_wL-NTFf_5L5Jbbanxl83-AYwPUQd9do5K-Kq3bb1-0RiY6ulkeIl1X65Ft54GxNQ44gyCCg6XJmBOQ
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6C88 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1C7D 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 17 Oct 2021 21:06:15 GMT
expires
Mon, 18 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
35820
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F1B6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35434
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum
dsum-sec.casalemedia.com/ Frame D466
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNUTtC1kC-6F-FVLPF_ct4jlbB1wd552BFLVeth1u2bfh3Sw2AYHNSZvPBl7JhVjPBvmc3MqKhs-nwlOqRHiglwpwNydJZrRV9DlnNa5R_9yNmUdxaZmFNgmYM2BKkn3o81GrA8E9hVJlU62kQRXCEenjnTjncP192GRI-8xLDWL7eH2Cds
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 07:03:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame D466
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YW0cM.D-3ic4adcHDntHQgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNUTtC1kC-6F-FVLPF_ct4jlbB1wd552BFLVeth1u2bfh3Sw2AYHNSZvPBl7JhVjPBvmc3MqKhs-nwlOqRHiglwpwNydJZrRV9DlnNa5R_9yNmUdxaZmFNgmYM2BKkn3o81GrA8E9hVJlU62kQRXCEenjnTjncP192GRI-8xLDWL7eH2Cds
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 18 Oct 2021 07:03:15 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECGb-Td3gfRcLV4KfQVrnkA&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame D466
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
43 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNUTtC1kC-6F-FVLPF_ct4jlbB1wd552BFLVeth1u2bfh3Sw2AYHNSZvPBl7JhVjPBvmc3MqKhs-nwlOqRHiglwpwNydJZrRV9DlnNa5R_9yNmUdxaZmFNgmYM2BKkn3o81GrA8E9hVJlU62kQRXCEenjnTjncP192GRI-8xLDWL7eH2Cds
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.11 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
733.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
X-Proxy-Origin
91.199.118.78; 91.199.118.78; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
26f9183c-cf0b-4f51-8dcd-af61c859bee9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEBNhjVzeY5dvFBxcAF1Vurk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D466
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDA2MjA0NTk5NjMwNDM2OQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDA2MjA0NTk5NjMwNDM2OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiH6eioATAB&v=APEucNUTtC1kC-6F-FVLPF_ct4jlbB1wd552BFLVeth1u2bfh3Sw2AYHNSZvPBl7JhVjPBvmc3MqKhs-nwlOqRHiglwpwNydJZrRV9DlnNa5R_9yNmUdxaZmFNgmYM2BKkn3o81GrA8E9hVJlU62kQRXCEenjnTjncP192GRI-8xLDWL7eH2Cds
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:15 GMT
X-Proxy-Origin
91.199.118.78; 91.199.118.78; 733.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a8bc1892-8843-4ab2-afba-ff4557363dbb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTY5NDA2MjA0NTk5NjMwNDM2OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1C7D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESECWDX20Wn2p3H7PQ1loEeDU&google_cver=1&google_push=AYg5qPKoBtA-7L8ImcptGL3GgtYD0vFX_phfImBf2u8_mHBYcZAcb_aGIFG_V33xy1och38jVhsy1WJxEg0cga-m9JJOK8SIcD4n
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzE3NTY4NDUzMzkxMjA5MjYxMQ==
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECWDX20Wn2p3H7PQ1loEeDU&google_cver=1
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECWDX20Wn2p3H7PQ1loEeDU&google_cver=1
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESECWDX20Wn2p3H7PQ1loEeDU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1C7D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHX30t2RI6g2uwnKlURIZHg&google_cver=1&google_push=AYg5qPLwIwYZFufCbCjdU4rnWzPxYlkb3w6AAk0qZ1ibwMGs1wrT8ChC4ztecSJ78Ar31gqLU__JvvH5l9Ic_atR...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLwIwYZFufCbCjdU4rnWzPxYlkb3w6AAk0qZ1ibwMGs1wrT8ChC4ztecSJ78Ar31gqLU__JvvH5l9Ic_atRYFFIbEVEEaG-
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLwIwYZFufCbCjdU4rnWzPxYlkb3w6AAk0qZ1ibwMGs1wrT8ChC4ztecSJ78Ar31gqLU__JvvH5l9Ic_atRYFFIbEVEEaG-
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 18 Oct 2021 07:03:15 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x16 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPLwIwYZFufCbCjdU4rnWzPxYlkb3w6AAk0qZ1ibwMGs1wrT8ChC4ztecSJ78Ar31gqLU__JvvH5l9Ic_atRYFFIbEVEEaG-
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Oct 2021 07:03:14 GMT
google
match.adsrvr.org/track/cmf/ Frame 1C7D 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHKG7gXbnD_ZhADGX9ZuRTI&google_cver=1&google_push=AYg5qPKbDmsO_L1C4t4Ts5ZW9bhJx4TrbVdzGHCGLbVEzinlF7o9zrGOppb9WrdYl46o17u2qtdSHdqQhePZCI7KOvibCBOtsXFC
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dot.gif
s0.2mdn.net/ Frame 1C7D 		43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEI9VpoxrP16yXdyUphyZcxs&google_cver=1&google_push=AYg5qPKgutJ3ISUu1e3XBEqu3NMG_pYOLUrGvoa7s4tC2eUJG1Xiul_PnR55nOedlgwHNzji7wXV4BpbuwwQT0AoW9GfcsoxRn_R
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 07:03:15 GMT
pixel
cm.g.doubleclick.net/ Frame 1C7D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG2IGIG1qSZDAIGJrDjG40Q&google_cver=1&google_push=AYg5qPJisXS1Kr683yBN7KaIaiVSEz2VbjhqCcdfTfp_cZJY2yRZnM9aiQ5FLXkzdiaLoI1BrGX...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXQjlORzgtMVUtR08xWg==&google_push=AYg5qPJisXS1Kr683yBN7KaIaiVSEz2VbjhqCcdfTfp_cZJY2yRZnM9aiQ5FLXkzdiaLoI1BrGXBolA0e4bWhacf3A4sVGKDIA8e
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXQjlORzgtMVUtR08xWg==&google_push=AYg5qPJisXS1Kr683yBN7KaIaiVSEz2VbjhqCcdfTfp_cZJY2yRZnM9aiQ5FLXkzdiaLoI1BrGXBolA0e4bWhacf3A4sVGKDIA8e
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VXQjlORzgtMVUtR08xWg==&google_push=AYg5qPJisXS1Kr683yBN7KaIaiVSEz2VbjhqCcdfTfp_cZJY2yRZnM9aiQ5FLXkzdiaLoI1BrGXBolA0e4bWhacf3A4sVGKDIA8e
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1C7D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.targeting.unrulymedia.com/csync/RX-7439088e-8f87-4a32-896d-07dbfbabcac6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPLgF6Vr39srAz4PkJh5d...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgF6Vr39srAz4PkJh5dzMNYbl2gQ2nQHEwkufqAmTE9wvW_z-ZTM-EhIy0N3BxSKb2MNNfe843qs0LNz-lI55WdmseuZU&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgF6Vr39srAz4PkJh5dzMNYbl2gQ2nQHEwkufqAmTE9wvW_z-ZTM-EhIy0N3BxSKb2MNNfe843qs0LNz-lI55WdmseuZU&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPLgF6Vr39srAz4PkJh5dzMNYbl2gQ2nQHEwkufqAmTE9wvW_z-ZTM-EhIy0N3BxSKb2MNNfe843qs0LNz-lI55WdmseuZU&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
date
Mon, 18 Oct 2021 07:03:15 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7439088e8f874a32896d07dbfbabcac6003
content-type
text/html
dot.gif
s0.2mdn.net/ Frame 1C7D 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEKC_keD1ArllsmEwe3tMVMQ&google_cver=1&google_push=AYg5qPL9vfYeph4XQuGEco3Wld6KcfPdpE-gLpFQdlapFQjikkmLtHIIgEfVLLFqO4l-Cs2C51hdT8YkYol9lfAToAcL8ZWZcVE3rA
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 07:03:15 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1C7D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LdDEdpv0GkSKoV-OMWIUNKn-Tr3_3gwMHVf3-mLOEjkS1KiYj6U64PJjOPAhAF93MSzBoTMA
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 4E94 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
Origin
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85694
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 07:15:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 4E94 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DePydXms6wuUweYC4v21GGqhsg671u2YbQdYELnOXAlYMrqq4n3MgIaZoF4c0fR9g3x_Wq-sQrmyQLnfprdceiz_UZJK6NRqYh8_e-zazL26jNejxi7hKHNOEO0M1ZKNBCBZm8IgFJE11SrYsu3UURn4tcnw&dbm_d=AKAmf-CCCNNPb43UVcWARtkwXYXIV-ZhsOoT_H9C-b981UNrpU_9ojd62BHsJqyZ3y6m7oxSHyub5QdYRZXDG93zKbH6o27XGSdhzBCWHoDv3BTTUGhXVvRiH0civ41gEr6heySP8l5NIbcyPmnJ-54ozDXzZX_9QPw5xZJFjZKWP-7jILvDlEz0HvqRVbH46UZ5Z0GLS-0Cob5nWw4XyIqg3Om_IW90S6K_ajOY_2Ogbn8NKkEeOHBa9qSSEbZQJydLGTIst8Ph3uAG2S5dnZ8HKRPZCWvhD-0MxTaquMAeSQS_WDn9Ma_boBB7koRKENwgbYQnfOt8rJWb9l0W3ZfzFOV28IQk_YXrTrlkdBitZOUtdCsCUK12YFpyypnnovgu-1h88kqnL7I6CmUyciBixbldR7qPbdVgkAdHqgM0Hg-htgAbTtjRMCM_AWiftMeKSaNndBc60kLFK8TIDXjMcvu3GgqRF5yyuTgcNcpX3VfzlyNd-fJxY3iNx-qsvO7QCI1LrNy7p7LAPpM0qbjUH9G2wL61AR9dp1YMJpPQjKH6EIWn3UIozYvYCceWSlD9fCJ_KfcH08Xo0PoXlBFsKHJQzDQmFJivReDNgAoeuYzHvYM2t7R9eYrdfwjsLxJOCWEnFIfsdP8sow5pK7dFwNxyK2uqpq21xU2-ErqqArwmgTP26p06anqinJlYSRR3AUBa2gA8F0-6K0yEhR6jCpukveeYPuhyGsjt8acIJ0QmomPzSj19oYUmK0O5n7mUzQX-_qDH7G_oK0VZ5v7XDx1PKFcdjVhrNJ2KsUQIS8f6rlWCNtevlFALdr4WJAbIAzmZMann-8t34zizTKGdIzA2uiAU2jW1wQWEbfglT9RyFSTQOBnITXI4c26BxK5pDZpy93x-CcoOJKOmHXCkG1-CxGLnICROgGLrFeUPDEKbhGXKSl3H12gfFSW69n00jf0LbjsDNYk5iWznoYgnWM0SV5R8drylDebJvglwk9iD96Kstxck8a72XpLsCegBeTC4YpEk3ZOn6XfCrNYy9OCI9TyWrU2fsF6UpuhFiEFiKhGYWoFOaVraR1Wd0iRiKhSE7nq2uhcJVNXxJOCVhSz37vB2Dk5L7YWxObN2BxkLuFwLvCW2OANPPFxWV34h18Ki62WHfOD4lf-TEgsdRMFocQXwFCDkWXMqaN49wYiEXlAOA90YHxGg2kixOrmu8NszLHHLMWDpr2OJfgbIzNlX1zomzL_jfb4stgB66xeO02ZK1aX4P8X37dSYJf4Gf9nDtrocCgBkUXj3Tv6X25GporCvZ-WPPOwHdJDxNuPmaBpMvdN3SITN76sfQM1Cf2Iz1dwjKqFILlBikgNH92zZPDh5kkgtR0Dj1pf14NCm5JBZuCE4Gi6DoGUHXyj_jrZ0_d_NCV7vYvwKsoWTozkbiM3uFkDxJCDMTs4BsG6Lm2T2EuIVCdO7ialmHoXOoMTLP3AHex0loA7EI3mrLfWpt5YswZG-yqoAVJs8X7xPIz2L4MtzQSBO2VpPOBwfZamNzJtxuuWFv7n7JVdezNNNzzsb-XQuQHQuMB7PufdarLtSpM5FtkESdV2f3cfLy1QBvtnfDdDjLhZYyA7NN8UTS8coBCuprfWNezQjNpCLapnaBL45-vm3gxb5J7kU18b_mUNZXDA6gbv-6PFv1zZSzZlpjGoH6VWyxy12PWIkolqkYEMEaVvMa6NAT9SM6xnt80xbLCopJP1b7o2OA9hflZ8OR43j6jTPAb8KnK3he5TgCjFO1dBOgvLBtdRVll1uXXmB0ycgj_UITD6jjtEgPA-ikDH1kisoO5ulHjsfV_7mf4cvybU8bf5BBEaUspK6RRddqXI6o0HcXvRnRoJbJjoqFg0sT3scta8Wf6bB-zEJEz72hNpSMxQr1eOdlA0pwR6uqRRvbJvytyQiqATjErl7sikh37fv2KVOtQwNRhqDuxbM7WA4TimVYibEcVFCNlTYDYPWN-CnsCgGZaLEjy2g2tMOIMjf18OsrRp-b992oBmWDmt6PQIoKrNlaOqWL1YYZaJMnwm5FoDnPsJWepAWbr1rUflWmhJQi_a6Bq1L6P9cH3olb-VVQzHX4OpfJqmFArdJ8OTK1t2Fl-J0AZIbtuUdb-yzNndqhDxVN-6YUy4aHS_0fD0kA7HDcteM3PYsTwmGChPzZb2LxZzKVFNUyGpGdpPbNzF1RY_N99on9XE7jZQnmRWGDgweN3iRMaUb8RnhGRac5_0oYdKO_6iIomBdgEAVdBJEbzD5rjKItSqS7P1kq3xpA3gRbC4O0zQm1ZAsqYIX_xx7nLOMK76M1GSLotC1lB0mdEWDGX4ltUiREYl2oX7CUoSHablVfKqpNGzrSW0WldwurXJpkq399IY3ltEjn6TXqxH6zwduc_UpJySsbossNki_VK2PXq23J5UMMOnGimVqvsLlwNKqgXhRhLbImnyeQiPTU4On_zDaH1rCy7EwddGDepVxaJ9M1mx7HiMMVzUnGxmA9Zxe9vxY_ZNnKojVnHbiYn6W2m0yUxh-kUpmaYC_ZXC3qyj40bVBLPT9HUK1eDQ7jO1FDp3AFVs8w3V-fJfbPgDqGcwa_vxoZezRFmm25GCXjao9ur4Ju_Fxmpxg5LlsVSvXP53wR_szDgz6CvK2bTfE8xFcO-2sCVIlcn7xyuoetuqfI2knKbQb6O9W1WLSvskZkXgtPubLErRgTPGwJzFXbOXRuDPVQvQI_2XdwVxiReuTKe4dc2bleavXnTPITHO8kwue0qecbyf8eiokuzAyqMJuh3HrKnj_kR_DfsC9SA3x6aB5iMCcNqmdyz6KkmB9wELMWcrOefGxAfRlNjs2wURxx5MGqxGuK_EqpQt8SXJj1BrRvIgJgG4OQjwsKiEcmSKDvqMHCaUpzWHH_IN-g9CmEWxEwkfw3M_XA5a0fwrX&cid=CAASEuRoXXpcQB_obfjJkpHmqxtlKg&rfl=3%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:52:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:52:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 4E94 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DePydXms6wuUweYC4v21GGqhsg671u2YbQdYELnOXAlYMrqq4n3MgIaZoF4c0fR9g3x_Wq-sQrmyQLnfprdceiz_UZJK6NRqYh8_e-zazL26jNejxi7hKHNOEO0M1ZKNBCBZm8IgFJE11SrYsu3UURn4tcnw&dbm_d=AKAmf-CCCNNPb43UVcWARtkwXYXIV-ZhsOoT_H9C-b981UNrpU_9ojd62BHsJqyZ3y6m7oxSHyub5QdYRZXDG93zKbH6o27XGSdhzBCWHoDv3BTTUGhXVvRiH0civ41gEr6heySP8l5NIbcyPmnJ-54ozDXzZX_9QPw5xZJFjZKWP-7jILvDlEz0HvqRVbH46UZ5Z0GLS-0Cob5nWw4XyIqg3Om_IW90S6K_ajOY_2Ogbn8NKkEeOHBa9qSSEbZQJydLGTIst8Ph3uAG2S5dnZ8HKRPZCWvhD-0MxTaquMAeSQS_WDn9Ma_boBB7koRKENwgbYQnfOt8rJWb9l0W3ZfzFOV28IQk_YXrTrlkdBitZOUtdCsCUK12YFpyypnnovgu-1h88kqnL7I6CmUyciBixbldR7qPbdVgkAdHqgM0Hg-htgAbTtjRMCM_AWiftMeKSaNndBc60kLFK8TIDXjMcvu3GgqRF5yyuTgcNcpX3VfzlyNd-fJxY3iNx-qsvO7QCI1LrNy7p7LAPpM0qbjUH9G2wL61AR9dp1YMJpPQjKH6EIWn3UIozYvYCceWSlD9fCJ_KfcH08Xo0PoXlBFsKHJQzDQmFJivReDNgAoeuYzHvYM2t7R9eYrdfwjsLxJOCWEnFIfsdP8sow5pK7dFwNxyK2uqpq21xU2-ErqqArwmgTP26p06anqinJlYSRR3AUBa2gA8F0-6K0yEhR6jCpukveeYPuhyGsjt8acIJ0QmomPzSj19oYUmK0O5n7mUzQX-_qDH7G_oK0VZ5v7XDx1PKFcdjVhrNJ2KsUQIS8f6rlWCNtevlFALdr4WJAbIAzmZMann-8t34zizTKGdIzA2uiAU2jW1wQWEbfglT9RyFSTQOBnITXI4c26BxK5pDZpy93x-CcoOJKOmHXCkG1-CxGLnICROgGLrFeUPDEKbhGXKSl3H12gfFSW69n00jf0LbjsDNYk5iWznoYgnWM0SV5R8drylDebJvglwk9iD96Kstxck8a72XpLsCegBeTC4YpEk3ZOn6XfCrNYy9OCI9TyWrU2fsF6UpuhFiEFiKhGYWoFOaVraR1Wd0iRiKhSE7nq2uhcJVNXxJOCVhSz37vB2Dk5L7YWxObN2BxkLuFwLvCW2OANPPFxWV34h18Ki62WHfOD4lf-TEgsdRMFocQXwFCDkWXMqaN49wYiEXlAOA90YHxGg2kixOrmu8NszLHHLMWDpr2OJfgbIzNlX1zomzL_jfb4stgB66xeO02ZK1aX4P8X37dSYJf4Gf9nDtrocCgBkUXj3Tv6X25GporCvZ-WPPOwHdJDxNuPmaBpMvdN3SITN76sfQM1Cf2Iz1dwjKqFILlBikgNH92zZPDh5kkgtR0Dj1pf14NCm5JBZuCE4Gi6DoGUHXyj_jrZ0_d_NCV7vYvwKsoWTozkbiM3uFkDxJCDMTs4BsG6Lm2T2EuIVCdO7ialmHoXOoMTLP3AHex0loA7EI3mrLfWpt5YswZG-yqoAVJs8X7xPIz2L4MtzQSBO2VpPOBwfZamNzJtxuuWFv7n7JVdezNNNzzsb-XQuQHQuMB7PufdarLtSpM5FtkESdV2f3cfLy1QBvtnfDdDjLhZYyA7NN8UTS8coBCuprfWNezQjNpCLapnaBL45-vm3gxb5J7kU18b_mUNZXDA6gbv-6PFv1zZSzZlpjGoH6VWyxy12PWIkolqkYEMEaVvMa6NAT9SM6xnt80xbLCopJP1b7o2OA9hflZ8OR43j6jTPAb8KnK3he5TgCjFO1dBOgvLBtdRVll1uXXmB0ycgj_UITD6jjtEgPA-ikDH1kisoO5ulHjsfV_7mf4cvybU8bf5BBEaUspK6RRddqXI6o0HcXvRnRoJbJjoqFg0sT3scta8Wf6bB-zEJEz72hNpSMxQr1eOdlA0pwR6uqRRvbJvytyQiqATjErl7sikh37fv2KVOtQwNRhqDuxbM7WA4TimVYibEcVFCNlTYDYPWN-CnsCgGZaLEjy2g2tMOIMjf18OsrRp-b992oBmWDmt6PQIoKrNlaOqWL1YYZaJMnwm5FoDnPsJWepAWbr1rUflWmhJQi_a6Bq1L6P9cH3olb-VVQzHX4OpfJqmFArdJ8OTK1t2Fl-J0AZIbtuUdb-yzNndqhDxVN-6YUy4aHS_0fD0kA7HDcteM3PYsTwmGChPzZb2LxZzKVFNUyGpGdpPbNzF1RY_N99on9XE7jZQnmRWGDgweN3iRMaUb8RnhGRac5_0oYdKO_6iIomBdgEAVdBJEbzD5rjKItSqS7P1kq3xpA3gRbC4O0zQm1ZAsqYIX_xx7nLOMK76M1GSLotC1lB0mdEWDGX4ltUiREYl2oX7CUoSHablVfKqpNGzrSW0WldwurXJpkq399IY3ltEjn6TXqxH6zwduc_UpJySsbossNki_VK2PXq23J5UMMOnGimVqvsLlwNKqgXhRhLbImnyeQiPTU4On_zDaH1rCy7EwddGDepVxaJ9M1mx7HiMMVzUnGxmA9Zxe9vxY_ZNnKojVnHbiYn6W2m0yUxh-kUpmaYC_ZXC3qyj40bVBLPT9HUK1eDQ7jO1FDp3AFVs8w3V-fJfbPgDqGcwa_vxoZezRFmm25GCXjao9ur4Ju_Fxmpxg5LlsVSvXP53wR_szDgz6CvK2bTfE8xFcO-2sCVIlcn7xyuoetuqfI2knKbQb6O9W1WLSvskZkXgtPubLErRgTPGwJzFXbOXRuDPVQvQI_2XdwVxiReuTKe4dc2bleavXnTPITHO8kwue0qecbyf8eiokuzAyqMJuh3HrKnj_kR_DfsC9SA3x6aB5iMCcNqmdyz6KkmB9wELMWcrOefGxAfRlNjs2wURxx5MGqxGuK_EqpQt8SXJj1BrRvIgJgG4OQjwsKiEcmSKDvqMHCaUpzWHH_IN-g9CmEWxEwkfw3M_XA5a0fwrX&cid=CAASEuRoXXpcQB_obfjJkpHmqxtlKg&rfl=3%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 07:02:31 GMT
QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
pagead2.googlesyndication.com/bg/ Frame F1B6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 08:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
80549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13301
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 08:40:46 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4E94 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6730 		1 KB
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 17 Oct 2021 21:06:15 GMT
expires
Mon, 18 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
35820
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		580 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/9951322/1634210246367/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6237a85adb2ca0fefe8ced210c8c108658c45a1468d826cf0c35b5222a9d7d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/9951322/1634210246367/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
48778
date
Sun, 17 Oct 2021 10:01:45 GMT
expires
Mon, 18 Oct 2021 10:01:45 GMT
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
age
75691
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 6C88 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJmasG5xmV39qbE6tI9OqIxyTDH7Ug-NPGiq5070aRoU7DHg1PZcB5RNFkc_aMSvkqTF3iqZn3axmcSm20H2qxr8Kzwtml-LDU-IIfR9jYLiR3YqcJSIeOHDZHGLpOPdqGUXI3BYJxAPXISBDqL6zcYufsh2s86vHAqk1yNTHV4kAvdty21wcerPhxprFLI1UTO3EtPmUxBxGImQPwPsKjXNmVoRk1LI8VKjd4RfiKvZOuNDWuSnaHvd6J0JpLcxXEwt-jozlx8s3TLfvMO43ILHLnlUpqWdOfBH18tSP8eSRT6H7qaDEmA5y65mwCFTEM1GlFbIKsC098z5-FrAD77rcz6wwtkLD0PjXo4yVczYksCSDpIkVMFSTwfnMPeIL7FVjk9-YCyuxwhauYkhT7Nv61i3nSRfAcNqQ9pUO6zgypRVFCLgEBdKcmVEk3tqrtGEvgM29__G-_kX5lwWt7pnbRwMJo_vN_LhnhN98ipsAvlZ9LenDeNMuc1i9u2eg5ec8vDbYb-SVTG6vvhzPUVKvOqGUg1PRcEWercry-HPI9N19At-w3JigoOt83V4ZsZb7BTCAbZpG_kMeZr-imlCb8JRZ9N7kX5TcXJA9ttnf2G5CGeI9Lh-GrNbh1BVwjOq7Qb_ufmEefMGlEixwDA-JEwjvApco6tt5hnZ0gNtL7VAkYlRuA1fE52YavHnZAwzV3FeFQdbpi9AWZIP4089bbFAP2xB42HY90CTCJLuvgMhyvnqcB2TbdiGzshKpdMGKoqn1xFANqkbtFmEUw2L0KBQ0mUSivdgAbqVBoi7Rvxqb0iF_eKdRBaSxgKCmu55_rtoreVapwVB-W6tebUUUB3colXxNyhk7Js4k0ldNG7REkVFmaPY-ef4ry3Z25yZRkAytJhjIuoNuINlDB9nqytt4lSjvTnOE01sv033NAbaP4TsrP-WelakWEJf9HJrIQQf9e4dntKgRzyLQHjrGkpBm67d_YFvJotsZd8-CjocOM4bSkj2wEFmqbvOIAhCg9_HUY-RtsRlrddMuGGXos4b0gaHBllePfkhVUm9OS5py7iwlEqQ4yN6hpiR-Lh0IpTdDfI3XYauNvLOAav-kYnY60IyUbrNlH2-vW_08Ej--AL0CxrFmg6Fn03CQA3v9eZddoP8mofGrS2pxWZbbJg7eL44UjL1XS7TwPmL9s7ZNupDnMq7LZCl45PLknXB17IY91V3Bi1RN4vAnKY45GxSygYEFvFDTy&sai=AMfl-YQfx_qb79Msoox9vKjYgMPblqxIMyUmGRZ5Hi2NS05sNdrutPjlyfcN7sdwXfwn1BJb3Q2ihMIjhrF-IiDFS54_Vh_882x9YMsEZrDQIqkvrjl4N7y7gDjtZZ6MP_Y3kEULtkT6cz_pP15p8lmqaDGua5RsiA&sig=Cg0ArKJSzBfr8H65xjUtEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=195&cbvp=1&cstd=192&cisv=r20211013.75818&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 18 Oct 2021 07:03:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
728x090.html
s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/ Frame 6893 		47 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8d15b5eaa48b5607e6f0f63bf0ecbd361309c0a314a74872812f695d784378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
10981
date
Mon, 18 Oct 2021 07:03:16 GMT
expires
Tue, 19 Oct 2021 07:03:16 GMT
cache-control
public, max-age=86400
last-modified
Tue, 21 Sep 2021 13:41:14 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4E94 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutIaCtKrCUz9IvQEVtg2ezw7cYaEs-bboYxXH9BC0vHWEifC39tZq8PFFfvJkgUho6ayBp_nIeprwuUrteFKvPJSe5u77PKa0cdCxte_4P8_w3noZyjJvcI-32Dq2VlKoYctL__URLyXyfbTi6GLOMr55r2h1f3uFHGcQMDmruNCFQUo7TCoUWXIthuVeqkfXUPzOT7i0hZ3sh-itRQ66VsN1EGAG2TX189ppGLJJ1JvEqXEIQdMLDeh-80TjLTouldg3pReaYqk0dlB0riixOe7JeWsMUwwbjCq4aRsSrWMdWmglWbmd-_X2wwmu2uHSQmXUtnHv09sQgE0proGar7A1Bi1qHskbphWpGCBwQQbz0Bz5UcOVCP2_ojD4vu4lJjRcaTTO5gTKA5spLIz2wcK8YDZRIvP7sqxSBma_OcRTC8expcpFiKV9sSR4YvDR-YqTT06TJq6QyHLaLbh1iqxeQiUwp7q6neJBViL-9m9l17xzixM60rGYZznKpm3mpUddAQtG7qkFsFWTOHH7qSAzf4kKttjukIPQR3YcZgcYwnz4kIN0puc2b3JM4vmMSQdeUTBMdEhstCshxZkq6zU4OIZriMPoxWptI-_MuxPFtUqr1u0qV4SlPaDDqSv7gSiquZY5Aeh6vDB6UZ-yIOl7lDIRtFbZ2Bje-CZoljHe0ezDhqIUKu_qep7h5BKs_2UbjiMjI_8gTmyK3-DORDBktPKqQqJjhVFv_BapQbuD-DdKGIqXf4PCim0Lu67lVCin9syCpM5B4Col4POmSQzuxFjHd_S-S9OAYuKK4xaWpra0WAb-lGYiUipWsnCp4hRxbDGDWZDH3bDV4qoUhWvnSJrkukDSjFPYRnbkeZVXU-qzZTBdroIp6lnXQ1mnIrUceMi6t4R-U0W4DVArTl8ltIOOX7Ajs79ZeExdCWj1kr3rwCUtktdtqaIHHDdEYMj3Euf-ZLdP7OKRE-z-TK9W1vSR4PeoxXWgmT-7Fjf1txL-pTqmiDFvDPBw1IS_P_ZxdDAlufqUydyTIxcjrHUBswl5zRweGf1kA_rlGoLvjGtI65jWl3ogudQm6wzbHqIXpG3opGKKoAwSM69WQnP3CoAsvExWf3d2a7nHNGUmHO5QkOuoCWCgQr2cM94PvVC0gXzS9O27EIPDm8-ksXllKYLkAAV2ZKUYHtbcRwUf641-yQRNP1Tq5U6K0Vf7qZSQb6rmGBpyHTLm44KJS9ppXPBtT3wkLXYw&sai=AMfl-YSY89G_FZpGtHrbL5hqFs5ved0BPs1XEtuOCZJRu2EDE34WxmS27aTwDRe37KIbuguYbnG9i1umWf8AjxVCx8-gDf0DNk3D4SdAt8pCntwV1QyEnzt-r09_-AeailJDzgvSDidshPkqiphmVxQZIRklFIgiMQ&sig=Cg0ArKJSzAUHtwkZ8t5FEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=95&cbvp=1&cstd=90&cisv=r20211013.13836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 18 Oct 2021 07:03:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2D65 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35434
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 6C88 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2f5112906eabdeacf910ccbff012ad4d9f91faa1e9f0cecf70d2469fcdad5a9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 4E94 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99943c61d9b6810556c3936ea2a25aa6fee5747470ddcef4e20d0ee29e486d5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 6730
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHX30t2RI6g2uwnKlURIZHg&google_cver=1&google_push=AYg5qPLE0FMjvz2nfZuEn5T-lXYHEAU3MX9LiIO3ozB-6ikDe5G-nlmrxg67YySOVH4UK7_sChxaF33Q_FQsH3Rt...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xOxhbRwzRgCJEfFLvcDe8Q&google_push=AYg5qPLE0FMjvz2nfZuEn5T-lXYHEAU3MX9LiIO3ozB-6ikDe5G-nlmrxg67YySOVH4UK7_sChxaF33Q_FQsH3RtyxxruQhT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xOxhbRwzRgCJEfFLvcDe8Q&google_push=AYg5qPLE0FMjvz2nfZuEn5T-lXYHEAU3MX9LiIO3ozB-6ikDe5G-nlmrxg67YySOVH4UK7_sChxaF33Q_FQsH3RtyxxruQhT2Qnn
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 18 Oct 2021 07:03:15 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x2 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xOxhbRwzRgCJEfFLvcDe8Q&google_push=AYg5qPLE0FMjvz2nfZuEn5T-lXYHEAU3MX9LiIO3ozB-6ikDe5G-nlmrxg67YySOVH4UK7_sChxaF33Q_FQsH3RtyxxruQhT2Qnn
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 18 Oct 2021 07:03:14 GMT
i.match
s.tribalfusion.com/z/ Frame 6730
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEH6Pe_RfAwPLt0SJWqGmQdk&google_cver=1&google_push=AYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCe...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH6Pe_RfAwPLt0SJWqGmQdk&google_cver=1&google_push=AYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTS...
43 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH6Pe_RfAwPLt0SJWqGmQdk&google_cver=1&google_push=AYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69ffe7e559652c0d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:16 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
7288
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69ffe7e43fe12c0d-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEH6Pe_RfAwPLt0SJWqGmQdk&google_cver=1&google_push=AYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKWd9-aGyU1wSo0pzpDUOiyjtCWhomv_ubnGapBY_ikApoUrJdSCzEM5M62X1s1LMswSXJL-qlbNR3MGzbkxoKNqTltyTSCeg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 6730 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEHKG7gXbnD_ZhADGX9ZuRTI&google_cver=1&google_push=AYg5qPJqEOMHYaM6FWmiCV7GJyE9-JtKJfCfSdJI--u7xzmoZkpCStGywT_UR7vVaArtuV0si53hUmTRclDv-exP5vhSIbqCsJvE
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6730
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELrO_Fq369NKbwTzwYkysdE&google_cver=1&google_push=AYg5qPIKR8t719Rj-luozC61T_zJjAar-hx9ALuCLzoSNeZrNG82adYuIGKqLZZ02qKCAapXFS_L70C7N3l...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIKR8t719Rj-luozC61T_zJjAar-hx9ALuCLzoSNeZrNG82adYuIGKqLZZ02qKCAapXFS_L70C7N3l5tRXjDFQg7dgBSA3ICw&google_hm=BEzbPTZgRau7U62nxm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIKR8t719Rj-luozC61T_zJjAar-hx9ALuCLzoSNeZrNG82adYuIGKqLZZ02qKCAapXFS_L70C7N3l5tRXjDFQg7dgBSA3ICw&google_hm=BEzbPTZgRau7U62nxmluCU4
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPIKR8t719Rj-luozC61T_zJjAar-hx9ALuCLzoSNeZrNG82adYuIGKqLZZ02qKCAapXFS_L70C7N3l5tRXjDFQg7dgBSA3ICw&google_hm=BEzbPTZgRau7U62nxmluCU4
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
clear
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6730
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF--j37...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF--j37...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF--j372_HkzbL7F_GWVhvhWc27
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPKfYRC5b750K6yuu5ywc9XCcVazDuakSnRNrJCdAHopEnlYpuHvSRInG7LZuHWFfcUPVEF--j372_HkzbL7F_GWVhvhWc27
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6730
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h...
0
0
pixel
cm.g.doubleclick.net/ Frame 6730
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEH...
  • https://sync.targeting.unrulymedia.com/csync/RX-7439088e-8f87-4a32-896d-07dbfbabcac6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIedFL43eX-_xx67hXAs...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIedFL43eX-_xx67hXAs5aaJyZyTBJjhbxyq2RBA1Xc0VjqHoFuNKufEN3qr4HetzI8XnQLQIP8xnx45tCljjyz-3weHn7I1A&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIedFL43eX-_xx67hXAs5aaJyZyTBJjhbxyq2RBA1Xc0VjqHoFuNKufEN3qr4HetzI8XnQLQIP8xnx45tCljjyz-3weHn7I1A&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIedFL43eX-_xx67hXAs5aaJyZyTBJjhbxyq2RBA1Xc0VjqHoFuNKufEN3qr4HetzI8XnQLQIP8xnx45tCljjyz-3weHn7I1A&google_hm=A3Q5CI6Ph0oyiW0H2_urysY
date
Mon, 18 Oct 2021 07:03:15 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX7439088e8f874a32896d07dbfbabcac6003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 6730 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTHn5hdDPRohZ6N4x-A0EWO7Ao3pVQ4kgMPiyY9LLfAxdA6hVPY6H0Q5ii-n7lX0yYasJU
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
pagead2.googlesyndication.com/bg/ Frame 2D65 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 08:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
80549
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13301
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 08:40:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F1B6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BX22qMxxtYeCTHYHk7_UP0PW68AoAAAAAOAHgBAI&bg=!l5SllNDNAAao6lBpqOo7ACkAdvg8WkoWVJGk63LBcwQmwZgNPOXhc9KvauMe6HUYhzKhOAVEtuNHvAIAAADZUgAAAA1oAQcKABtOcjXYVdqQINuuRmD-WVgEFz-GzAHttC2lzlaZA13n_JlAsyXynHJJaPqrf7-6I2n6nr1qaLMDhAEt3TQ7KrMzMxVg7zYRgehaG5fCUoQO2KHaZDNTu6ajXu-VIAdfLQ1HvNCYkbAi4DDLI_rukN0Q_psGR7YNOJeZvO_UZfkztzkovtEMhv-WtuzNcxtsJ9tmhfgA9fbpP1kvXso8usRo0FozEOFIY-AE8EAtQqteORCtb4UBUwMpdM58bCmD-mRiuYW3UeyZbj7CdX0tENkgjxEQEcbYzYhmONvk_tnHsFV8isf3Y8Qb-Uii2aGwaopIIsVwopTwo4MTJxsbsQvV3OZwoUh-i1fsWGCe5khfvu9THliJLLV6PDFyry8xe1eEmh_nSliHujBpusYMXzbimXnnSs-RnYyliGuBo-OYpXOKB9iRX7XOuIFAiWLjgeUHA-iquGQ9Y41Hpcfev-VvPi5wNwFEVEHFnYlwBARYcVXJ1xi1goiWDRjiQj5OgZdJqVFWmdKFx0rwy5qgLYGndl0m_jUBdFcayX9V2KwJZ9qr8oQHfkj2hMhdh9XFAk5BnudQqV6xnRxM9efyvBlnDeBx7MnKMlsUJb8KV9qdS9UlgVuc2FQclxwL6sVAZnZzduX2TahhHIWs3K0z3laoBYiwlaD9VpJJh1SdC6kqtWGuO1TXQFczGjCP0IkvaTYH5hLnh3-GIBBnojBtB-OHqccgP-0NnRlXIre3pM-nph6yLLuagx9Zn-eGYszRzkDED0m_B0p_rtsSS-f2Hxm7XIgV0Fbiw6vSS9S-LwxQso8SqeJ0gBMOo4qYaoEqB5SyjuIcz_QI4amac3m0dfuyK2dI6RtOTWPyqDbjowo--ToayhJLCQ2RNYcrkp7zStPmIH_a8LCunX2btXzM1QXi_mWGbs9HUlp8tzfs-ixjKxNpTWdYgb9clVNgk-Y_VRQb5qsRqGE0O9ofC5YBeKSglK2eS-2iUhk62RoWWy3eLBeM_7bYKY60uD_JpTrOpt0YIpUUyS00YRG2XFsnFqizRC3uWocwcW_jOO0CbKE24BGJE3E8c7zKSlh_SsyVN2zWoDzQTxnNF6B6kiWTpoyqBrjbpJEofOqNQmwD5v9P8XwKx9RuoAJREOGk8YgImzjcF0VKxVKTeC4rbArEoR9zHKbBY4-ushV4Hjg
Requested by
Host: 83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
URL: https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D65 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0ocqMxxtYdGaI6OR7_UPzd6SyAQAAAAAOAHgBAI&bg=!09Cl0JTNAAao6lBpqOo7ACkAdvg8WniULLl1PMwUE3lM9qARG0W-rYp2Pwr3FbKzJ40vBdp3RRKjNAIAAACMUgAAAAxoAQeZA4Br0N4-SdIuoc6zdK3Xq4wZdCxHPjH_b6HtA6SeXlDOmHiKdPTjIQFSGoW6DsocNXFX-2-jV5vCZbpYWVMclSceH-0QTzzhHfOVikcI27F-6S9e3Xe8qWa8vY4rktXroT7kQ3GacgZTIsLkVMHgOoFZS363e4fZd_KiB2YfZkW3wEZrfDKui8FA6XidZlEjBJ1NgPhnC8tscfOW0AODMx1o1UgFZbfh-0jWyQB8s_2xo5Kh59DBDJIxAt6380g8iLlyA3to48usCWPlKh44Hc663YwVtLXRFgeMsDA99P7jPrEuAGE4qFYYubV5E9i1OQrPpDHThwYVSsmUObNmKNQL7NOvvcxd2v2dk0qeW_2Y1LSXgPidgBroAUglGC10Z2ag-SmwPikL_upn5B92YdRNNS8BiIj2lnBoiHnSfoJExXWXBV6ahP9obVmy2tdnBtOvltJaDKWoRV-FiRBSji2bjhdOl5jA7buzceakzOqipTm1cVU_mJFaq-K_H13ypNCUsPzCK_30KGFw65KdddPdhHCCuYLC2wwuA3hp7KLbJOxDxsyL9LK25NrhGBTkH6bVKawtvfCi2KjRCAghBoQN2VRoYfawHhklTu-HAeYvmhG5-mPwEC_P4hHgwfu99ZFixpO90qO7DkI0lHZxuWHPqmZmjW1hvKsld7VVTIEQNwQXmi847LBfz3AM1deLtRhrlpAVpZBKVgJNGM8sTAZGjh1oAG8iFU1LK7xcdzq8Gr8uxTIQDc3c6Em8tPckSU8DHgr6pYv7AiiaObAqWXtehgdcc1xG9uBjkGdcVFqvtGxKMbVjb36mwCN9FUlCuGTR7coQbejzr26TlaKNWkEPdd3cTGCyq2-EC7k3dvgi4rPBQx_so8q_OB7x56oYs6H5JEjmd-PynuEHn5KdewJpe2e2Q7uj4oEWpdoOBHzRiZ_UG33feRQiMws0euRxcbuaB3osJqiKrBP1TIgSILq8MQRnHTSVraa5EErBYKurBftttKr_eQlP8mnDNTKqBKSUqMY36IFHGCs2ClJfjoVdbgp7I7YVyhF0DMY02Y-avHq1HGdHeOvL_GWwx9CTQGW5v6R0M61R7ZPENamTS1R0RTeAxdxuBOPbq5ppglBUMULB4BkkUe971hQZuBtY0x9Ufuux5F5kMjgpbgXL_z2DLAi3Pntiubz3Or90JPRTGQ
Requested by
Host: 00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
URL: https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler_01_246.js
s0.2mdn.net/879366/ Frame 6893 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 11:08:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71713
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40237
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 11:08:03 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6893 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 07:03:16 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame FB9F 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/9951322/1634210246367/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 17:54:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47338
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 17:54:18 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4E94 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsutIaCtKrCUz9IvQEVtg2ezw7cYaEs-bboYxXH9BC0vHWEifC39tZq8PFFfvJkgUho6ayBp_nIeprwuUrteFKvPJSe5u77PKa0cdCxte_4P8_w3noZyjJvcI-32Dq2VlKoYctL__URLyXyfbTi6GLOMr55r2h1f3uFHGcQMDmruNCFQUo7TCoUWXIthuVeqkfXUPzOT7i0hZ3sh-itRQ66VsN1EGAG2TX189ppGLJJ1JvEqXEIQdMLDeh-80TjLTouldg3pReaYqk0dlB0riixOe7JeWsMUwwbjCq4aRsSrWMdWmglWbmd-_X2wwmu2uHSQmXUtnHv09sQgE0proGar7A1Bi1qHskbphWpGCBwQQbz0Bz5UcOVCP2_ojD4vu4lJjRcaTTO5gTKA5spLIz2wcK8YDZRIvP7sqxSBma_OcRTC8expcpFiKV9sSR4YvDR-YqTT06TJq6QyHLaLbh1iqxeQiUwp7q6neJBViL-9m9l17xzixM60rGYZznKpm3mpUddAQtG7qkFsFWTOHH7qSAzf4kKttjukIPQR3YcZgcYwnz4kIN0puc2b3JM4vmMSQdeUTBMdEhstCshxZkq6zU4OIZriMPoxWptI-_MuxPFtUqr1u0qV4SlPaDDqSv7gSiquZY5Aeh6vDB6UZ-yIOl7lDIRtFbZ2Bje-CZoljHe0ezDhqIUKu_qep7h5BKs_2UbjiMjI_8gTmyK3-DORDBktPKqQqJjhVFv_BapQbuD-DdKGIqXf4PCim0Lu67lVCin9syCpM5B4Col4POmSQzuxFjHd_S-S9OAYuKK4xaWpra0WAb-lGYiUipWsnCp4hRxbDGDWZDH3bDV4qoUhWvnSJrkukDSjFPYRnbkeZVXU-qzZTBdroIp6lnXQ1mnIrUceMi6t4R-U0W4DVArTl8ltIOOX7Ajs79ZeExdCWj1kr3rwCUtktdtqaIHHDdEYMj3Euf-ZLdP7OKRE-z-TK9W1vSR4PeoxXWgmT-7Fjf1txL-pTqmiDFvDPBw1IS_P_ZxdDAlufqUydyTIxcjrHUBswl5zRweGf1kA_rlGoLvjGtI65jWl3ogudQm6wzbHqIXpG3opGKKoAwSM69WQnP3CoAsvExWf3d2a7nHNGUmHO5QkOuoCWCgQr2cM94PvVC0gXzS9O27EIPDm8-ksXllKYLkAAV2ZKUYHtbcRwUf641-yQRNP1Tq5U6K0Vf7qZSQb6rmGBpyHTLm44KJS9ppXPBtT3wkLXYw&sai=AMfl-YSY89G_FZpGtHrbL5hqFs5ved0BPs1XEtuOCZJRu2EDE34WxmS27aTwDRe37KIbuguYbnG9i1umWf8AjxVCx8-gDf0DNk3D4SdAt8pCntwV1QyEnzt-r09_-AeailJDzgvSDidshPkqiphmVxQZIRklFIgiMQ&sig=Cg0ArKJSzAUHtwkZ8t5FEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=453&vt=11&dtpt=358&dett=3&cstd=90&cisv=r20211013.13836&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 9320 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlLQITAy5zBh-xbhNTC_tq3BqzX59dyjD31QmUXuJUrabtlmcvbyemzDyHD-efR9Nb2j9tJbwvRp0wTxvFEIozrvJV7W72N0VvwIIvYLIepMYrYpShYNi3rOrn6JySjlxESACix2yIn5JsTsWoy7UC04hRjf_hErmRhijxfxgumZomZgAJb49nHoGcEnd-5sCkFAXBGec9dFCyrNZ3u5-Rl4ownxj8nJeuzfVaTL7u9nveFoDZHPy9JfmcaGIQ_ySOF_7xV_mSJ1vh1ng1gk0i_a2c8SHrAsbJw3XxGckjkN44TfnDgXsn0w&sai=AMfl-YR2YxDF38bFKZQUR4fR3Wrq73IlAZ8gXfa9ULAmJngpw0-KpiK_4vHDcvqinbGUBVRQ9okgu0aRXyqlTywCPJPyh-0KTwKCHD__3wTzI8zkUDoszvRHhW9qwbtqvvom&sig=Cg0ArKJSzMzEjoJXIHHJEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 07:03:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9320 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9b59eaf6a8178d7b92e8367fadb702572655beafa51772c05b6278871c8c9475
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8653
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6C88 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvJmasG5xmV39qbE6tI9OqIxyTDH7Ug-NPGiq5070aRoU7DHg1PZcB5RNFkc_aMSvkqTF3iqZn3axmcSm20H2qxr8Kzwtml-LDU-IIfR9jYLiR3YqcJSIeOHDZHGLpOPdqGUXI3BYJxAPXISBDqL6zcYufsh2s86vHAqk1yNTHV4kAvdty21wcerPhxprFLI1UTO3EtPmUxBxGImQPwPsKjXNmVoRk1LI8VKjd4RfiKvZOuNDWuSnaHvd6J0JpLcxXEwt-jozlx8s3TLfvMO43ILHLnlUpqWdOfBH18tSP8eSRT6H7qaDEmA5y65mwCFTEM1GlFbIKsC098z5-FrAD77rcz6wwtkLD0PjXo4yVczYksCSDpIkVMFSTwfnMPeIL7FVjk9-YCyuxwhauYkhT7Nv61i3nSRfAcNqQ9pUO6zgypRVFCLgEBdKcmVEk3tqrtGEvgM29__G-_kX5lwWt7pnbRwMJo_vN_LhnhN98ipsAvlZ9LenDeNMuc1i9u2eg5ec8vDbYb-SVTG6vvhzPUVKvOqGUg1PRcEWercry-HPI9N19At-w3JigoOt83V4ZsZb7BTCAbZpG_kMeZr-imlCb8JRZ9N7kX5TcXJA9ttnf2G5CGeI9Lh-GrNbh1BVwjOq7Qb_ufmEefMGlEixwDA-JEwjvApco6tt5hnZ0gNtL7VAkYlRuA1fE52YavHnZAwzV3FeFQdbpi9AWZIP4089bbFAP2xB42HY90CTCJLuvgMhyvnqcB2TbdiGzshKpdMGKoqn1xFANqkbtFmEUw2L0KBQ0mUSivdgAbqVBoi7Rvxqb0iF_eKdRBaSxgKCmu55_rtoreVapwVB-W6tebUUUB3colXxNyhk7Js4k0ldNG7REkVFmaPY-ef4ry3Z25yZRkAytJhjIuoNuINlDB9nqytt4lSjvTnOE01sv033NAbaP4TsrP-WelakWEJf9HJrIQQf9e4dntKgRzyLQHjrGkpBm67d_YFvJotsZd8-CjocOM4bSkj2wEFmqbvOIAhCg9_HUY-RtsRlrddMuGGXos4b0gaHBllePfkhVUm9OS5py7iwlEqQ4yN6hpiR-Lh0IpTdDfI3XYauNvLOAav-kYnY60IyUbrNlH2-vW_08Ej--AL0CxrFmg6Fn03CQA3v9eZddoP8mofGrS2pxWZbbJg7eL44UjL1XS7TwPmL9s7ZNupDnMq7LZCl45PLknXB17IY91V3Bi1RN4vAnKY45GxSygYEFvFDTy&sai=AMfl-YQfx_qb79Msoox9vKjYgMPblqxIMyUmGRZ5Hi2NS05sNdrutPjlyfcN7sdwXfwn1BJb3Q2ihMIjhrF-IiDFS54_Vh_882x9YMsEZrDQIqkvrjl4N7y7gDjtZZ6MP_Y3kEULtkT6cz_pP15p8lmqaDGua5RsiA&sig=Cg0ArKJSzBfr8H65xjUtEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=588&vt=11&dtpt=393&dett=3&cstd=192&cisv=r20211013.75818&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 3B17 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssT124ode34z9XTxoV5brw2GL0ldrY4UROfgKQnplWJ_dEBrlwYdJ3dW5njKEYogBtN7jdlmnn6n0RO0IWqVLVwijR4LPwW_nOvkfWhzeMj8YHsvUMKFcXlYfffpZT9JdOoo6rXHoCqNgilSqSG_3_fV-JXAZ3M5y9uvivrw-C8_fUcwEqboAjeti1tfxsf4U7blCeIMEQklJ0AIRNme1Tp9SqmdUVbpWREH1mhms0Ac2ZrtRNjpzOI22zHVgeMX8vXVSivueC6lhP-o9LaWqiJckwk1ViYLbMcPyvU5g4YeLF6ZWyS5Eb0wg&sai=AMfl-YQdLH-AN6T2ui65xSZUTEXKJPvj0EmLYF_bwQ5QA__pmQX4lN8Iyevtp83eCawLzg6lQsebUwqF4gNdbp6Vf91uCWyKL_8G2cN8QOI1qSaAjyANl4M1JpWV-JnKPqlw&sig=Cg0ArKJSzLK-a3qjZFGPEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 07:03:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3B17 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
302226a5cf639d8b3d141d54a2f82e421a89e4282a883642bc5f29a411027f6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8501
x-xss-protection
0
Volvo_Black.png
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/1634210246367/Volvo_Black.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:45 GMT
x-content-type-options
nosniff
age
75691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4824
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:45 GMT
Money.png
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/1634210246367/Money.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3597332bd4c2f6fb7187e3dfd1c87d76db41393497a3d5979662e9a77729c9cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:45 GMT
x-content-type-options
nosniff
age
75691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3024
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:45 GMT
Service.png
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/1634210246367/Service.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7926fbda182418930ec6d094f7341cd12c4812cc1691da5d0177f7fae75c4143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:45 GMT
x-content-type-options
nosniff
age
75691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4958
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:45 GMT
No_long_term.png
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/1634210246367/No_long_term.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de70cbd675a9cbb631b8380b5a02e519e3f84336a284fd409bdad8fe7e6d5de8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:45 GMT
x-content-type-options
nosniff
age
75691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1776
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:45 GMT
Light_version-POM_002_Low.jpg
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/1634210246367/Light_version-POM_002_Low.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc4c0cf9df4e976c9925ae093daa32de937fa65d6f681984798345de6fc1345f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:45 GMT
x-content-type-options
nosniff
age
75691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74922
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:45 GMT
Light_version-POM_011_Low.jpg
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/1634210246367/Light_version-POM_011_Low.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3c0b56e0d2efcb529b2ae34b91994105bd6df935ba83c9ef6884a9f709e5565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:45 GMT
x-content-type-options
nosniff
age
75691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64197
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:45 GMT
Grey_bg2.jpg
s0.2mdn.net/9951322/1634210246367/ Frame FB9F 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9951322/1634210246367/Grey_bg2.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7e536b79cd591ba2baa9affcd371c7941e8a597b23b332c6b9fee4494a621f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/9951322/1634210246367/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:45 GMT
x-content-type-options
nosniff
age
75691
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55374
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 11:17:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9320 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101201.js?31063158
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 07:03:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3B17 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063192
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 07:03:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3F24 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35435
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4C37 		783 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7520958e95b85ec20449739628fb761b6b3ae4e616e8c359163c33b65d00439f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-btifrrWjFNKwu/IvF74KSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 07:03:16 GMT
date
Mon, 18 Oct 2021 07:03:16 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-btifrrWjFNKwu/IvF74KSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame AFB6 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35435
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FD5C 		783 B
745 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2aad6719c09c388e29d91958aeb0c35a8b46f0e4ec91b3320bd7ed72e2e212da
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DSRF4Izw7Q7qRn3XjzrGxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 07:03:16 GMT
date
Mon, 18 Oct 2021 07:03:16 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-DSRF4Izw7Q7qRn3XjzrGxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6893 		6 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1ac72f08948a2ab0562b6dcbabadd3f3414dfe53e47482d78c7860ea4afb84f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4545
x-xss-protection
0
60005582_20210922230824469_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6893 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210922230824469_STANDARD_728x090_LOOK-01.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dd15bb32f2eccd3cfbbeb820e948a9fcde37d4d40f35495a97768cc9911e18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 10:01:03 GMT
x-content-type-options
nosniff
age
75733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14856
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 06:08:24 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 10:01:03 GMT
60005582_20210922230828996_STANDARD_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6893 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210922230828996_STANDARD_728x090_LOOK-02.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bc1b05f98442359892e0177a892f071cc0ae1d145801c8288e0aab7b067c498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:01:47 GMT
x-content-type-options
nosniff
age
89
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15037
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 06:08:29 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 07:01:47 GMT
60005582_20210922230833166_STANDARD_728x090_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 6893 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210922230833166_STANDARD_728x090_LOOK-03.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf43029467c206ba5c103fa6a010a613fbad363e35524b16b2e2815592fd82bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61697663/20210921064113908/728x090.html?e=69&leftOffset=0&topOffset=0&c=NDwX5MUOSF&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 18:14:12 GMT
x-content-type-options
nosniff
age
46144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13858
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 06:08:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 18:14:12 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 6893 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197273_146033526_-0&ref=25667676_4307561_303197273_146033526_-0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Mon, 18 Oct 2021 07:03:16 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6893 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 07:03:16 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C37 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101201&jk=824056060162544&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FD5C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101301&jk=1392327008043604&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
pagead2.googlesyndication.com/bg/ Frame 3F24 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
dcda55d2dfecb25e899e239064366ad3e8ebda504c99bd114975032def09f033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
35435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
pagead2.googlesyndication.com/bg/ Frame AFB6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
dcda55d2dfecb25e899e239064366ad3e8ebda504c99bd114975032def09f033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
35435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
pagead2.googlesyndication.com/bg/ Frame 24F5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
dcda55d2dfecb25e899e239064366ad3e8ebda504c99bd114975032def09f033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
35435
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5938 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnBsnnHMEf3wjGrtdeaizh97JyJcQWYFMi0RO6BodfNPR2KEy2vaguOgOVuCDArgbLX97kdRkb3P4hnmlqunVw3rp_HXQdRvckA8mj8JB1B21UFKpS&sig=Cg0ArKJSzOzfYMeYyaPnEAE&id=lidar2&mcvt=1030&p=0,1,250,981&asp=204,311,454,1291&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1274268220&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634540594572&rpt=730&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B17 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101301&jk=1392327008043604&bg=!AAOlA0fNAAao6lBpqOo7ACkAdvg8WuXp70-v-W8xLvoq9PGNZIQxPP0PKJs0yN6QuXFnKLlCxPfKegIAAADtUgAAABNoAQeZAu1saxgfNxN_ibbsy_CGhN09EvRj7iZTjU48Wlr57X5ta0pOnKUl46xT_dYYQcCvmbFrazhcV77PTyzZldGKMgTcwO8q71Ht5-9ET6m1wKRlzxkDCoN21O68T9Sx9duozTi9t2hOuqhG33Ktu5AaCZfA5_T2pqogYbqEjVSejpcnQncWrbrmogRUfOiOOfeMsRft74gqpsrZW565sB66OnETd9fesdvRnZY1BZ3sARsdLnQEN55Dz2MSh-u8iBziSIDD-0fdnJl8poM1a5e4i9JJlb4-Ig-0XOPy03cBtWxE4Ll5CXRAwPaxAgoc7qUvIvWCxxVJl6lKKoH1BY-aQ9ndR7HxwqctEzxKSfivv8eNLOwsZg1VcTxEssJx2ugot1bm4ueU_m-4h4cZo2UpzmRUsY4z1B922tsx5Kgf-CAqCBy_JTfVyvjetdnv1WYcH1ttz5EIXpgFFHY-Ux-S6vbL0wVriEFz4Co7sdgrz2raRz8Z-nnSzmFaUgf15rqLpoxqFCRRKTaQiV5XxarP1OqPyIfp1XwL-ENC0K_KyJfjau2EHi9F4B4o33bzWxtn9IqmJvynF3FwHYDrVXgZ7c2cGQ4yBKYDYws0wJiAE-L1k5lwblq9_L9S3fUnYHK_dL9GRLpWsX6nIObTlypA_eb9n7ygjyPkLTmtpFFHasDkPhnfJjSeidLwXN6IkA5z6Lptqf4tJAKp2lc-Gb7cDomFXy3ekPAXwj6bpHZkMMks101dfaegqpnThybMP5sHvP_pCO9L03VOcGKg5nJBewXeKEF-C80oRUUAna9E29WJf94x23GqJwLhv9Mc_ZetMoHdlMRP4pG1bg45mSKYXrG0_BZslx8vXfXJDzEh93SZeIVzkmXK5958m489Ytac8oKsTc2k3np_Ewzm580LVn3PKi_dQQA3nlCCSEFysGqIYaFc4_-0t98G61wDPX56wcF0TWRQErtTUbl0ymMR1V6hMksA2Y1k8ecoG9x_kA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9320 		0
27 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021101201&jk=824056060162544&bg=!9fal9rLNAAao6lBpqOo7ACkAdvg8Wjevy-iYjaSPWUVhmxgp1aHpIruSWXTV9nHA0Q3L_Eh6DtzAIAIAAAEhUgAAAAxoAQeZAvh_IrjCFLMhwJEOza5RarXZ0xgxsiIN-KAMpXzECFdmrTPUk1yDGKLsG07JHmmifzV0UkNIhN12caRLfqX1zi6sVp_yb569SX7mXe51zIEqJIq9rRiLcEatj5wnUIZuYrMs51BYP7NIp5W8Th96001iiC-WuoW0joE7p0LmkPIX1dlFaSOjwxHbF3B4onWVZLLgvO0zfSgEZdfgS0GcdFRtZY_WG7hH-8VyOdk7tOEIQvXh_hVR6VRGoauQUMc8cwEXER-BFE5R5o9toAFMYZl4vMU6YWFlMyeCChGvmrOmIprqja5-v69tAke51q55ZU3h2UESzNxitMsjgzfhdpY2-P7PpD6UB_-ul7X3_h8-ILbziTvF2ULz4mYRf0hmVf_IcA2JkJvOandqbJbY9JUp74QQ3eM0hnCw6bsCVUm5P4ei21JrrG-stuuXJkyeOdJORlCoK__Dur7RyQ1oSQtl4u2TPnR44FD_Z8D6fdzTIey5dbzamHo7XG3AoFkpOH0GzIurO9fy7nSmFxyC39Otvi0ySoZBNYmSfNlpGfWWEJloReM48e6oGDUGp0-zM22JQYwlMr-V892YClWm9x957RHQ-S4FA8V0riMSQ26YjBLxek48Ac1hsZi-T74saJ6lujzPyjUIbDMMwTLkEkXDrIZwRVg6Ds4VgK7wce5re4Bbn6ao2rlqXrnaW7aYZigSL5zixjZpVm0sTVxK-uo1aCM37STxQ556vZnZAoo-eNDazc5s3-uKsOs4Nrjb31-tw38J0jEY91xFIwlzB9xjNy8ziKkbggO16NM1w1hVpKuLQ3tGq8rv9OmpnnY0tZ-SWA_trMx7u6iq8pzfFNUtzFJ7ERARaFPrxnH-HTdnSltckcVC6k8gtuFE7si9fIVyM_E0GJTLIzihfpf0ZixoXlUIJPtmlNGucK4j-QVM6Qjd0muw1F4LIPMPN2wq7ozeKkqkImA6IH9kIy2DbS_G6wJ15gKYbR_vYK-7n3WtJh-2SnW5C7pY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videobanner-desktop-seat-mo-125.mp4
www.motofichas.com/videos/ Frame 5938 		839 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://www.motofichas.com/videos/videobanner-desktop-seat-mo-125.mp4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.98.176.31 Arganda, Spain, ASN42612 (DINAHOSTING-AS, ES),
Reverse DNS
vl22333.dinaserver.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range
bytes=196608-

Response headers

date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
Content-Range
bytes 196608-1080557/1080558
strict-transport-security
max-age=31536000; includeSubDomains; preload
Content-Length
883950
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 01 Oct 2021 10:03:53 GMT
server
Apache
x-frame-options
sameorigin
expect-ct
enforce, max-age=21600
vary
Accept-Encoding
content-type
video/mp4
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Oct 2022 07:03:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C88 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0ljM_a_FxRszDNtL1i_R6sLULydPZSbYhb7WTJlB6e-XABnee7gh0E9Nw-jCz845ybPvaJrEie7Am5sBKRMQ6cN3vVhpV2U__LtcEiRQS_tJhOpPY_Q&sai=AMfl-YT-InxfAOBDEfB_JGrGQLmNtx-GYFfe_Rp108vfV1R687_92Z-aOQn90cH0ZT7AS5WJk-Y-SPpGcZwxwf83sCOWE3zNfg6uvFA&sig=Cg0ArKJSzKK8GtGEScldEAE&cid=CAASEuRosqKbcLGqtkAYMGup01Lr4g&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1751143830&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634540595419&rpt=384&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 76F4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 76F4 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 76F4 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4100732491722048&correlator=752412842015178&output=ldjh&impl=fif&eid=31063083%2C31063109%2C31063159%2C31063200%2C31063213&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=22315401138%3A121029794%2CMOTOFICHAS%2CMOTOFICHAS_MX_DK-MW_300x600_DISPLAY&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&eri=4&cdm=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com&bc=31&abxe=1&dt=1634540597090&dlt=1634540594897&idt=2169&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=600&oid=2&adxs=0&adys=0&adks=1962000624&ucis=mbw1f3hm5okl&ifi=1&ifk=562891030&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.motofichas.com.mx%2F&loc=https%3A%2F%2Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&top=obankofamerica.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=300x0&ga_vid=999295592.1634540597&ga_sid=1634540597&ga_hid=457594869&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d4db45736fa52a62f53c696debe6cd984bce783886b701746f281437786bbaba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8693
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6312 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:17 GMT
expires
Tue, 18 Oct 2022 07:03:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ Frame 2E22 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2E22 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2E22 		61 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2698346140837667&correlator=1131532229611520&output=ldjh&impl=fif&eid=31063159%2C31063127&vrg=2021101301&ptt=17&sc=1&sfv=1-0-38&ecs=20211018&iu_parts=22315401138%3A121029794%2CMOTOFICHAS%2CMOTOFICHAS_DK-MW_300x600_DISPLAY&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&eri=4&cdm=d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com&bc=31&abxe=1&dt=1634540597139&dlt=1634540594918&idt=2201&ea=0&frm=24&biw=-12245933&bih=-12245933&isw=300&ish=600&oid=2&adxs=0&adys=0&adks=3998264630&ucis=jsctuo7qonkd&ifi=1&ifk=562891030&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.motofichas.com%2F&loc=https%3A%2F%2Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&top=obankofamerica.com&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=300x0&ga_vid=453312334.1634540597&ga_sid=1634540597&ga_hid=958696121&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
028967ce63f1dc502cbc50fce6c1d765d5b8ba579cedf67440d26613b72f6603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28952
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D04F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:17 GMT
expires
Tue, 18 Oct 2022 07:03:17 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 3B17 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYJI3KwjwY2uhqpMu9P8XhQ51ATxNrq6p4VBLFvqChoGsPICtOl962_EDB44AQ7Uhd3qpDi4jqUrf5QFxxPJ6GRlhINRn7XXWzwYaaj9yNYvG15Tlo&sig=Cg0ArKJSzPYygDYiPlSdEAE&id=lidar2&mcvt=1015&p=0,0,250,980&asp=942,254,1192,1234&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20211013&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=2871994391&rs=4&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1634540594609&rpt=1528&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 76F4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuV7_TWS_n6zhrs6QeTpndujt_UjHayiVuhnRMXLHTW4RHpi9GfUM2ZvJSahqzuTMvnuhplQV8Fah7KSygYMu35a1npUNvdiSYX5OnN50uC4ViFESNtcrK4VT6w9-ILMvyaYA5RdyHCQfKQfIRgXo2GIlebGi_5IprxyXof-_Ju4hVZzkbVM9wF2hqkVVqMxIGumvcKRM5KlxSb0VMk3oGnNk_VptVTHrITjt1RMWsQ5nIx57BlFs6RYbGnjlcllJPv01mLDPFn5KcEqokETh7cg0Snvn1MOkEExXnFEc8nsOlDRpvZfSE36g&sai=AMfl-YRcy-CeiRnaTiXI55ici51DHu5nbwpNfHBNYrzLcuMP4aHADrutex5cXaJYGN2X6BCMcO6wbA3LbGVXbvYMfzxENIqqNl6maie9l14xjwhXDRwsnRkSBt6NElxT4iog&sig=Cg0ArKJSzAuE5esDeX9mEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 07:03:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 2E22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCKKXitJfUCU7S6O4-vpyawswhhu6kodYEg3tey3CgmacsTRwVaQEGgtBnSmL5MKUynqWT86vcDOrdjXiAHpj_my7A2jzuU2-uyOo1v7uhwyYwDjqiJIwY2Rk1BatUi9gnHsSZQAzpmou0sN81PskewJ3SqadbqTzzB2MzfpV8ui5L2q9ejhyUb2thpELMqV9_mNEkUbyWsTfKs4zy0me6m14UMxqs_dfnfgqZL9uWDKQBtTy8XqCbWusCpTM2OZXrpwr0KPKWTjJ_p84df-zpYsQqr6_wD4zDLuwkE_LkwXgfN7DQjncjqQ&sai=AMfl-YS0ErWCSreu-FEBopBB79XfWXcxYaXf1RWtvTG2R73Xq_E7EGmHXGPlI-B9C4k6yl3ax13jhWPxYcVA4maPgGVvHvdp5o6iIxPsQ9sLMkUdMc12TF9xiXN1CCPjX0D2&sig=Cg0ArKJSzIeXbbpvbLqfEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 18 Oct 2021 07:03:17 GMT
container.html
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 73AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:17 GMT
expires
Tue, 18 Oct 2022 07:03:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 76F4 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8aa688232baf7da85a88dbd33964b3b0efe766d8754c32da59e1551bd4b6be05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8618
x-xss-protection
0
container.html
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D409 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 18 Oct 2021 07:03:17 GMT
expires
Tue, 18 Oct 2022 07:03:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2E22 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021101301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
860642fdc6b287a294f65d054f666b1fbd3dea4bf9f43144a8c27d3784c00e22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8565
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 76F4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 07:03:17 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B1E4 		640 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNVc8gDB5ZypNcsASzfEKZE84lJa81tH2Y8vgegloktLlCce4GCdUL4joBDGC9ygif2ZZynoqZN4Ut0gKLV6WDJus-jKfJW39h0xeF--mx244cZdzYPZPmFuUFRSM-xKt5jEaHSX8K89ma7BuAIkVbhEowd5qvsvRy6KRcNPkE8V8SXofxs
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNVc8gDB5ZypNcsASzfEKZE84lJa81tH2Y8vgegloktLlCce4GCdUL4joBDGC9ygif2ZZynoqZN4Ut0gKLV6WDJus-jKfJW39h0xeF--mx244cZdzYPZPmFuUFRSM-xKt5jEaHSX8K89ma7BuAIkVbhEowd5qvsvRy6KRcNPkE8V8SXofxs
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmDoamMcuKkNE3MfS1rwJzFe2mOmjXAMfAGQ2f5RvdzEQvAh4sPdZAiKbHhgz0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 18 Oct 2021 07:03:17 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 73AE 		75 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxWnyfm436xuOQWP_wPc-ov9qoXVIcK93EGXuzl1STw0w2pmNbMu7jnGAruq4jzUYxC_UJ0XEpEtEryll4g5QQXUICsZo5mBBlgoz4ZOV82ds7sJHH3V8XAQTVWUvW7D8EXT3S9OtoE6rs4jCDPGz91zCnTw&dbm_d=AKAmf-DOkN6XyYOc4P9CBGPx9agXgPvwi1RVrtUZW4u0VRJ0JUaP9efIivmR1xClt5VVtXIiwSfk8MjnGFNPQ8qzSykB4VFA6uPGFCQq8qbV_9QzazMTdpg5cpMoY77MHMYeaqKt30LwdLQcnsBeQN8NsjUtfSIygt9UaHY8VsMK7gubhoj0mLyPVE0mUWZl28SOXlLTk3llwYvMeLmzzaQgTrASA7sbedsUPqFdtBbM6cbI1E8naOIqBpvqb-lMM6CDyIwMOIoQVFufXt-5O86qhJ_EtexR7wAamlY5canujOKK86-g70QcajC4ajDLaeA2eX0PxOJ_FqGBDsoTVPm1RJhs7Z4RXwH_IcP-6MTNSNyIpfWdfrwYRBLZ2rHjloEl8NX3_Uemhvqw8AtsUN2_slxcRZNYuIGnVZnq6rr3t-jLrSMy4w3K638MOLPpVbLutmEgCP4_3OV7v1rdfX41PFu1I9GKu-5dyKcbybFi044UdRQZ56GxBfwtu_sGsJ_HGbsJuLONhMisUHQP6Z8cwxtDQ5jBBgTxDAivmRVWrfki3dfQDkqqlD24kMalTTad-GiKZlZ2_mc0xQGCoPVTTfWGjTeTVbG4PFgJo0uPX8dAtWu8d3ugJxPRXO8i0iNDJmuK4J9t1aA-lSrPj3C3IhA49ijzWhJbmN34Xe8sgY9WqQxEk0BZAslb5IQy91iTe_QfatWT3kpLizO6vsbzi1pvvWrpuJ1RXq4BzMucNyLw5y5v7JY8ViZdcsr5UNznGngWvvwuyzQGUPgdMBsvPUzyN4BVr_ZTR-aLoDpwBSH7KdRoZtgjht_Uhm7f8X_lUGmPUJCA2qQfB8ir44ARWSCdyGdeEXIwDs2jamOviiNoiklyJLg8X429XZpdTJ3mbk9h7Rwgf0F9mUL2ZeTs-EvCIVjM-jhuL8VoXfhcG7jC6ixt0I8jxu6jyeMVU8YdMP0QIW1L5sm4kIeYOdWEcCHQM9BwPDag1o2xBSZHhatedAdtCWxw6wMOXkVjAcmhNtEJL9hgyEdmabwAyF2lcUZj6GBJ2vGy6r9av8XAN4j4fJDZSajprEXIEgyRKJnmJMwh-1A8XOI0Qrxor5sZhfLYqx4bu4LUYTUp3rN_TT0HGOPCoPYtgOF6IFf6ZQXk1Uukh0gvjTfXRZhlIZvOIanNnO7iBXg8PdsF7yVsUrJdClVV6RXeVkkHsEPYVftdjqawQS8KsUsmh6gzYucWS_1M5gJnJxKRVw-xGUuYnOdQ4Nm_sPcx-vF_PIjvpFC9EciAZLqFIlQPzmq6IJbBA6eZQ0SOs11okaxu8JMmFAKanlsbz9L8fBul-7rRz6UlnEjxRi1sub-P5x4l2nh3dSeWRro2ddhx-R1jz2O_ocaRN-1cd3L5JlsM1elokvveAJqUCJeu1Ny7tVN3ddhbY_2TSpw9VZwGOzVJsSAnIfpvM0aqTCkdFIGC4MuQAQGJWjvxA92Ngp9b8NdwPacr6VPplCI0qSAqC1O5PPoVxpeJceaINjnWcFkGUN5Y2Voudy4eps-Ob_6FwrtS9qTatyW_xBiikXRzbuAbreaPU4HfIVvct3VPbBjIAhw0yMZb5g_BYngRHhdkxZvtdCp-M8fcR94mNXaF3ZLRYsftf5xzRXH1jNOz_wMHGqtvQVSQQreRPf8_1cPJObd5gniyhTePhfeDV1jIGRElFSQ7A5pqR4wZBldgK8Jq-OzwBmB3QXZY4UYnustR-dnpNo0cWFLj3ys-0Li-XnWkb0bTWxvJ95qJ1eWGndGRF0oNdUFqHNUPVMuXq2opUH7jmTCE0eM6RxxeazFShfxmbeIzO0QbO4_igQw_DbG8cWadKi6T8Go5Q8tF_0cZGysVvLoULwQ5MAg6y24wAJDmyVMT3iM7MIsKIQKhlMwZI3vmWa_bDW0Rkab2Lcvp7DghyXVzVAJWmOTgzBrrdfO3WRcM5J_qB6FegYIof-hJhWHad6yBBCf-LweeZewgmeKxXke7qLG_qzoneEBdwwCD9TrMjqKh06PnLetCNn3U6oDu1Jyo9jWup7XIlD9UqKEZ4B8rtWsuq6SRr_WER0F1Y24FVg8M0jeaZkOs3Jft__Pb3ACMRd8RL0CBnQH2eH_RBcVN5ISAImyQCoKt3-MfGyB1KuNbG3VImd7uZFJTrTDdIV-EcGu0htKNGTvRdMZ473H-m0UdZIzaTJSltx0vGPC3CbQ6sKhhvJoiIBcZ6blUbw-Honcx9YEYwv95sy1c6JzhCMUmXEmOj5IFaX737tGhjGIq3pFOzMz3pKvnyZmd6O9vHd3eCCT4edetw9DPP4cd0oS0xfTHqvBY8VbW4X3JrsyTqT21yvoiW3Cdw4zTbkYl9FMshpIh9dTre6U0nnOQtta6q-c8-obLycqVf5d6XjF5rerMM3YRk0AajknouSZ8ZrgPb_c9MDG8RfeW3vyEv2h9ylkxhY19OSC-VRIAp4dN8a2QLXjN1bjXgznakaf0UoIbZHpxipNu7yUzdJeE7wSqsSdsb3gIqZ6ICMIFhbdp0U9oz1l1yYmsa9F0mYOpoIwUXR2grRT_FqqKeNw-eJjK36jiHJ8LRU6c8xZFeZGyWQLOqFvX2EIdSGPsz05Ep_n60hfwNrxjd6FfJefq60FIcQWO7GSnsZuPPL4-lrubgjN6KplJOyd3xt0c7g5oE3BPy3kZs7ilflN-iEF1XlFuazzoGRyPhcpuwrRsifJ1nl0HBPxg85Ho-4LGj6fUx4HN8Sn_P9z28SOG9tPf2SSI4XOd3q1IONjvgpZj6WpGOAKCkBs25IctCfmRoRYkhWM_I72KxVcZZwjUxi0Stz2dvxGzq1uS8EQ3ACtfnK5tIpKfjIIrIT-40xlNmrCdGqXwM3NwQLIXt3nWZEWNtgEnj45RFmubIwZpz7gU1yQHrKq1ErU0TWoqZBy0PoViPLeWJ-tc&cid=CAASEuRojtXEnWzzSBqYBYQXhta5Vg&rfl=2%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a50b13170a8b0fdf43d976275c8529936532a6a3cc39cdf994c7380317df2890
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29573
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 73AE 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DhqhX-dvXiBkSXWCQ-1oymRXshTFhUhMhRUuHi3eqcb34AJfTMjiCNHu5NRhGmnLUWwSC01mtsqfgfLe1odCdJ8qqzkkLwXGLQOj0J9MuEEJDfobg
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 73AE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:52:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 73AE 		0
0
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame 73AE 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:10:22 GMT
l
www.google.com/ads/measurement/ Frame 73AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR0Fwqq1erktPm5nB-aA_Nz3XLg5L9sW8agSjlunVM5CYbLjM0zBFqCCC80-8sRqoGsGrdM98D4jblyaUP-DuRUJRPreg
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame C7D1 		640 B
359 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYuqm0twEwAQ&v=APEucNVwzDhzfwpuA5EFEAEzLfKaWICeVxVKssNtL5jCu95nIRDIMg5s-I3C8DQ2WD3neSF88bAma-jbqomSAIVyr6NEH7eII79XvamfN0UvXdwp0yXZ6728qR8dASe59BSwdmk3bDMd8W_xNQKsXUrJ2zVRtzqoE9H26tvPIQdNYGvfjvJVW0c
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CMj-qgIQgJyQvwIYuqm0twEwAQ&v=APEucNVwzDhzfwpuA5EFEAEzLfKaWICeVxVKssNtL5jCu95nIRDIMg5s-I3C8DQ2WD3neSF88bAma-jbqomSAIVyr6NEH7eII79XvamfN0UvXdwp0yXZ6728qR8dASe59BSwdmk3bDMd8W_xNQKsXUrJ2zVRtzqoE9H26tvPIQdNYGvfjvJVW0c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUmDoamMcuKkNE3MfS1rwJzFe2mOmjXAMfAGQ2f5RvdzEQvAh4sPdZAiKbHhgz0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 18 Oct 2021 07:03:17 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame D409 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite_fy2019.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7691
x-xss-protection
0
server
cafe
etag
14402072889669646931
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 07:00:43 GMT
omrhp_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame D409 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp_fy2019.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
487
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2631
x-xss-protection
0
server
cafe
etag
10983085961369067521
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:55:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D409 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4kH7iz4Fdc8hq2ACVEtODsQ7UURikECMUwYSC-qz0Va2XSIg7OjKRPJRTNfVN6SmpagQdfYp9U1kkv9wreCizF76eL6_8KQNO1jrVOYyzmpDHEBNvpR-jf3VVtCjU9yP783BZuF9sPothEvDq-tuVFMBJt2rqHR22QBwREYe3Ol7hJ65w5CnQGoRxDjWVH4XjFx9Y3I5DkdXnWAos2FWkPYVJlCAFtHQCtMLQcRGqQhFm3TBn5qHZcuK4TDnH8i2-9S-c-g2E8AYI8KAhXC1XhqcXGoXC23HQnRYsimNcdJ4W2W2EZWz5uLgUeE02QzmXk_ShN93rASlgor4xD1KkP2arzK7UNq6b55B-06bfYI5yhDZ1vCxAPqakoR7VNbOqTppsVGWCvc94WHfJ5DcaL0ucG6uaT9RkBWMtMdzXsQze00nxIwb0h7NJ-wOc3hKJXa50Ep9SVNfvwr-8eLfb_8Cg7Jcon5CJ2rYQYGEwqKGkqJbFZ21WVlerw94QKIhSKLLd6HqyuKBO_Pc3HGQQGoqy6nfGiD5Ofq30LVUESMHn8yYPUa8UR4LBFmPqe61Q2KNYVwIiP3ads3JyxHOIa9QtFtT5QhArJq2r1T4MVrgi6v_stazrQrrv7JHg9SULW469DqEWXi_tXTsl7VduQ_5phrA9F3FTtDcccj4Ed1Y3RhsmwZFwy9FSknkkWLHAZmGGbzNGJYfJ1jOdHJwzTSG918D7NMmgtFGsR-TNfIwOPJHGRRjEfx5pCVghQb5fdqHwe0XMqTlcr_ltZqBzACxkHXh-kx579Z9zC4fxKO1YvXFR_BSN1P6p6hloiYsatu4VQxWkajjeXfhlKPOAiGkQdm8ObWQRyfiraa4YeZwb8uNUQ_6GXfLyvofUV0EpnwgSJEdwODjN2fn3g-xZ_DuKVTgR1w1q0WNwT1w55_aluJg6Wxs_0seHgEdKfGccYgkhZ5uMmYPfcMaQi0i6LUY_g07SGo2PVqMjfrhq07R9wALd-MEd0F_5x2VClyWpBVmmz5WviUgZ5V-X2nKp2zX2RaUcSC5lSgXOi942Vyil1j-MMsWCpHHAIO6MCrk6fL5iu81d_Ww_yvgn2mBd-jpo01VT09POU6HtsBVHQnmORQ0Qd_m8HvSwSB5XQhhbBnOQSLxGUVim3IegZSTCgy2oym1WGA&sai=AMfl-YSpZbOOZPDn1lS0FeJcY8l7iU3CxVDTkAVEylg1tRQludzVio4GHlSLAkme61ri8Xtr4gHFx3JPQGRO9DIReCdXAmeQSWFJK29u5YLHSd80FgxA7J3GawA2GkgiaSftLiDbYlbBWlXYcY3hZm7IEvubt-95XgtWs9qJA_2R4te5GxR6p1gVCwVxEWfB4UtTbo4fa-BOzVjpHWrWhFu5A1U1QQ&sig=Cg0ArKJSzLHnMqeSVP2KEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211013.79064&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 18 Oct 2021 07:03:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D409 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D409 		42 B
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DN_ITrfp7tn5I-SSnzXXtLsv82NAYi6nvBvqv-eO4_BmTFWQOgw9w5e8PB2uq2H2Q0K5cCQ4Pekc8Enmr1nvkEKidB-fGYiyKT1eO6XHEh3Eul34Y
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D409 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/window_focus_fy2019.js
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
632
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1426
x-xss-protection
0
server
cafe
etag
18061233391346882222
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:52:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D409 		0
0
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/ Frame D409 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211013/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3175
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6281
x-xss-protection
0
server
cafe
etag
18349783599053866072
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:10:22 GMT
3371033711090676462
s0.2mdn.net/simgad/ Frame D409 		348 KB
349 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3371033711090676462
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d54a37d8c9dbe2e7db0d87c588c9b3e23735cf1cb0eb9275f7b1c3579980241d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 12 Oct 2021 14:51:35 GMT
x-content-type-options
nosniff
age
490302
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
356642
x-xss-protection
0
last-modified
Tue, 12 Oct 2021 08:59:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 12 Oct 2022 14:51:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2E22 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021101301.js?31063159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 18 Oct 2021 07:03:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4E9E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 7E1C 		783 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
620832384db769005621cf062865aa207cddac3e6b8989de4fd6b6906e4a7e21
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qnVoqymdfXM6+lEA0ENowA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 07:03:17 GMT
date
Mon, 18 Oct 2021 07:03:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-qnVoqymdfXM6+lEA0ENowA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sd
us-u.openx.net/w/1.0/ Frame B1E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
43 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNVc8gDB5ZypNcsASzfEKZE84lJa81tH2Y8vgegloktLlCce4GCdUL4joBDGC9ygif2ZZynoqZN4Ut0gKLV6WDJus-jKfJW39h0xeF--mx244cZdzYPZPmFuUFRSM-xKt5jEaHSX8K89ma7BuAIkVbhEowd5qvsvRy6KRcNPkE8V8SXofxs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
date
Mon, 18 Oct 2021 07:03:17 GMT
via
1.1 google
server
OXGW/16.217.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame B1E4
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNVc8gDB5ZypNcsASzfEKZE84lJa81tH2Y8vgegloktLlCce4GCdUL4joBDGC9ygif2ZZynoqZN4Ut0gKLV6WDJus-jKfJW39h0xeF--mx244cZdzYPZPmFuUFRSM-xKt5jEaHSX8K89ma7BuAIkVbhEowd5qvsvRy6KRcNPkE8V8SXofxs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame B1E4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNVc8gDB5ZypNcsASzfEKZE84lJa81tH2Y8vgegloktLlCce4GCdUL4joBDGC9ygif2ZZynoqZN4Ut0gKLV6WDJus-jKfJW39h0xeF--mx244cZdzYPZPmFuUFRSM-xKt5jEaHSX8K89ma7BuAIkVbhEowd5qvsvRy6KRcNPkE8V8SXofxs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 18 Oct 2021 07:03:17 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame B1E4 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjt3eioATAB&v=APEucNVc8gDB5ZypNcsASzfEKZE84lJa81tH2Y8vgegloktLlCce4GCdUL4joBDGC9ygif2ZZynoqZN4Ut0gKLV6WDJus-jKfJW39h0xeF--mx244cZdzYPZPmFuUFRSM-xKt5jEaHSX8K89ma7BuAIkVbhEowd5qvsvRy6KRcNPkE8V8SXofxs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 18 Oct 2021 07:03:17 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B657 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2E3C 		1 KB
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 17 Oct 2021 21:06:15 GMT
expires
Mon, 18 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
35822
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
html_inpage_rendering_lib_200_273.js
s0.2mdn.net/879366/ Frame 73AE 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
Origin
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 07:15:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85696
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59842
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 07:15:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/ Frame 73AE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxWnyfm436xuOQWP_wPc-ov9qoXVIcK93EGXuzl1STw0w2pmNbMu7jnGAruq4jzUYxC_UJ0XEpEtEryll4g5QQXUICsZo5mBBlgoz4ZOV82ds7sJHH3V8XAQTVWUvW7D8EXT3S9OtoE6rs4jCDPGz91zCnTw&dbm_d=AKAmf-DOkN6XyYOc4P9CBGPx9agXgPvwi1RVrtUZW4u0VRJ0JUaP9efIivmR1xClt5VVtXIiwSfk8MjnGFNPQ8qzSykB4VFA6uPGFCQq8qbV_9QzazMTdpg5cpMoY77MHMYeaqKt30LwdLQcnsBeQN8NsjUtfSIygt9UaHY8VsMK7gubhoj0mLyPVE0mUWZl28SOXlLTk3llwYvMeLmzzaQgTrASA7sbedsUPqFdtBbM6cbI1E8naOIqBpvqb-lMM6CDyIwMOIoQVFufXt-5O86qhJ_EtexR7wAamlY5canujOKK86-g70QcajC4ajDLaeA2eX0PxOJ_FqGBDsoTVPm1RJhs7Z4RXwH_IcP-6MTNSNyIpfWdfrwYRBLZ2rHjloEl8NX3_Uemhvqw8AtsUN2_slxcRZNYuIGnVZnq6rr3t-jLrSMy4w3K638MOLPpVbLutmEgCP4_3OV7v1rdfX41PFu1I9GKu-5dyKcbybFi044UdRQZ56GxBfwtu_sGsJ_HGbsJuLONhMisUHQP6Z8cwxtDQ5jBBgTxDAivmRVWrfki3dfQDkqqlD24kMalTTad-GiKZlZ2_mc0xQGCoPVTTfWGjTeTVbG4PFgJo0uPX8dAtWu8d3ugJxPRXO8i0iNDJmuK4J9t1aA-lSrPj3C3IhA49ijzWhJbmN34Xe8sgY9WqQxEk0BZAslb5IQy91iTe_QfatWT3kpLizO6vsbzi1pvvWrpuJ1RXq4BzMucNyLw5y5v7JY8ViZdcsr5UNznGngWvvwuyzQGUPgdMBsvPUzyN4BVr_ZTR-aLoDpwBSH7KdRoZtgjht_Uhm7f8X_lUGmPUJCA2qQfB8ir44ARWSCdyGdeEXIwDs2jamOviiNoiklyJLg8X429XZpdTJ3mbk9h7Rwgf0F9mUL2ZeTs-EvCIVjM-jhuL8VoXfhcG7jC6ixt0I8jxu6jyeMVU8YdMP0QIW1L5sm4kIeYOdWEcCHQM9BwPDag1o2xBSZHhatedAdtCWxw6wMOXkVjAcmhNtEJL9hgyEdmabwAyF2lcUZj6GBJ2vGy6r9av8XAN4j4fJDZSajprEXIEgyRKJnmJMwh-1A8XOI0Qrxor5sZhfLYqx4bu4LUYTUp3rN_TT0HGOPCoPYtgOF6IFf6ZQXk1Uukh0gvjTfXRZhlIZvOIanNnO7iBXg8PdsF7yVsUrJdClVV6RXeVkkHsEPYVftdjqawQS8KsUsmh6gzYucWS_1M5gJnJxKRVw-xGUuYnOdQ4Nm_sPcx-vF_PIjvpFC9EciAZLqFIlQPzmq6IJbBA6eZQ0SOs11okaxu8JMmFAKanlsbz9L8fBul-7rRz6UlnEjxRi1sub-P5x4l2nh3dSeWRro2ddhx-R1jz2O_ocaRN-1cd3L5JlsM1elokvveAJqUCJeu1Ny7tVN3ddhbY_2TSpw9VZwGOzVJsSAnIfpvM0aqTCkdFIGC4MuQAQGJWjvxA92Ngp9b8NdwPacr6VPplCI0qSAqC1O5PPoVxpeJceaINjnWcFkGUN5Y2Voudy4eps-Ob_6FwrtS9qTatyW_xBiikXRzbuAbreaPU4HfIVvct3VPbBjIAhw0yMZb5g_BYngRHhdkxZvtdCp-M8fcR94mNXaF3ZLRYsftf5xzRXH1jNOz_wMHGqtvQVSQQreRPf8_1cPJObd5gniyhTePhfeDV1jIGRElFSQ7A5pqR4wZBldgK8Jq-OzwBmB3QXZY4UYnustR-dnpNo0cWFLj3ys-0Li-XnWkb0bTWxvJ95qJ1eWGndGRF0oNdUFqHNUPVMuXq2opUH7jmTCE0eM6RxxeazFShfxmbeIzO0QbO4_igQw_DbG8cWadKi6T8Go5Q8tF_0cZGysVvLoULwQ5MAg6y24wAJDmyVMT3iM7MIsKIQKhlMwZI3vmWa_bDW0Rkab2Lcvp7DghyXVzVAJWmOTgzBrrdfO3WRcM5J_qB6FegYIof-hJhWHad6yBBCf-LweeZewgmeKxXke7qLG_qzoneEBdwwCD9TrMjqKh06PnLetCNn3U6oDu1Jyo9jWup7XIlD9UqKEZ4B8rtWsuq6SRr_WER0F1Y24FVg8M0jeaZkOs3Jft__Pb3ACMRd8RL0CBnQH2eH_RBcVN5ISAImyQCoKt3-MfGyB1KuNbG3VImd7uZFJTrTDdIV-EcGu0htKNGTvRdMZ473H-m0UdZIzaTJSltx0vGPC3CbQ6sKhhvJoiIBcZ6blUbw-Honcx9YEYwv95sy1c6JzhCMUmXEmOj5IFaX737tGhjGIq3pFOzMz3pKvnyZmd6O9vHd3eCCT4edetw9DPP4cd0oS0xfTHqvBY8VbW4X3JrsyTqT21yvoiW3Cdw4zTbkYl9FMshpIh9dTre6U0nnOQtta6q-c8-obLycqVf5d6XjF5rerMM3YRk0AajknouSZ8ZrgPb_c9MDG8RfeW3vyEv2h9ylkxhY19OSC-VRIAp4dN8a2QLXjN1bjXgznakaf0UoIbZHpxipNu7yUzdJeE7wSqsSdsb3gIqZ6ICMIFhbdp0U9oz1l1yYmsa9F0mYOpoIwUXR2grRT_FqqKeNw-eJjK36jiHJ8LRU6c8xZFeZGyWQLOqFvX2EIdSGPsz05Ep_n60hfwNrxjd6FfJefq60FIcQWO7GSnsZuPPL4-lrubgjN6KplJOyd3xt0c7g5oE3BPy3kZs7ilflN-iEF1XlFuazzoGRyPhcpuwrRsifJ1nl0HBPxg85Ho-4LGj6fUx4HN8Sn_P9z28SOG9tPf2SSI4XOd3q1IONjvgpZj6WpGOAKCkBs25IctCfmRoRYkhWM_I72KxVcZZwjUxi0Stz2dvxGzq1uS8EQ3ACtfnK5tIpKfjIIrIT-40xlNmrCdGqXwM3NwQLIXt3nWZEWNtgEnj45RFmubIwZpz7gU1yQHrKq1ErU0TWoqZBy0PoViPLeWJ-tc&cid=CAASEuRojtXEnWzzSBqYBYQXhta5Vg&rfl=2%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:52:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3128
x-xss-protection
0
server
cafe
etag
3658073882064373855
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 06:52:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/ Frame 73AE 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211013/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxWnyfm436xuOQWP_wPc-ov9qoXVIcK93EGXuzl1STw0w2pmNbMu7jnGAruq4jzUYxC_UJ0XEpEtEryll4g5QQXUICsZo5mBBlgoz4ZOV82ds7sJHH3V8XAQTVWUvW7D8EXT3S9OtoE6rs4jCDPGz91zCnTw&dbm_d=AKAmf-DOkN6XyYOc4P9CBGPx9agXgPvwi1RVrtUZW4u0VRJ0JUaP9efIivmR1xClt5VVtXIiwSfk8MjnGFNPQ8qzSykB4VFA6uPGFCQq8qbV_9QzazMTdpg5cpMoY77MHMYeaqKt30LwdLQcnsBeQN8NsjUtfSIygt9UaHY8VsMK7gubhoj0mLyPVE0mUWZl28SOXlLTk3llwYvMeLmzzaQgTrASA7sbedsUPqFdtBbM6cbI1E8naOIqBpvqb-lMM6CDyIwMOIoQVFufXt-5O86qhJ_EtexR7wAamlY5canujOKK86-g70QcajC4ajDLaeA2eX0PxOJ_FqGBDsoTVPm1RJhs7Z4RXwH_IcP-6MTNSNyIpfWdfrwYRBLZ2rHjloEl8NX3_Uemhvqw8AtsUN2_slxcRZNYuIGnVZnq6rr3t-jLrSMy4w3K638MOLPpVbLutmEgCP4_3OV7v1rdfX41PFu1I9GKu-5dyKcbybFi044UdRQZ56GxBfwtu_sGsJ_HGbsJuLONhMisUHQP6Z8cwxtDQ5jBBgTxDAivmRVWrfki3dfQDkqqlD24kMalTTad-GiKZlZ2_mc0xQGCoPVTTfWGjTeTVbG4PFgJo0uPX8dAtWu8d3ugJxPRXO8i0iNDJmuK4J9t1aA-lSrPj3C3IhA49ijzWhJbmN34Xe8sgY9WqQxEk0BZAslb5IQy91iTe_QfatWT3kpLizO6vsbzi1pvvWrpuJ1RXq4BzMucNyLw5y5v7JY8ViZdcsr5UNznGngWvvwuyzQGUPgdMBsvPUzyN4BVr_ZTR-aLoDpwBSH7KdRoZtgjht_Uhm7f8X_lUGmPUJCA2qQfB8ir44ARWSCdyGdeEXIwDs2jamOviiNoiklyJLg8X429XZpdTJ3mbk9h7Rwgf0F9mUL2ZeTs-EvCIVjM-jhuL8VoXfhcG7jC6ixt0I8jxu6jyeMVU8YdMP0QIW1L5sm4kIeYOdWEcCHQM9BwPDag1o2xBSZHhatedAdtCWxw6wMOXkVjAcmhNtEJL9hgyEdmabwAyF2lcUZj6GBJ2vGy6r9av8XAN4j4fJDZSajprEXIEgyRKJnmJMwh-1A8XOI0Qrxor5sZhfLYqx4bu4LUYTUp3rN_TT0HGOPCoPYtgOF6IFf6ZQXk1Uukh0gvjTfXRZhlIZvOIanNnO7iBXg8PdsF7yVsUrJdClVV6RXeVkkHsEPYVftdjqawQS8KsUsmh6gzYucWS_1M5gJnJxKRVw-xGUuYnOdQ4Nm_sPcx-vF_PIjvpFC9EciAZLqFIlQPzmq6IJbBA6eZQ0SOs11okaxu8JMmFAKanlsbz9L8fBul-7rRz6UlnEjxRi1sub-P5x4l2nh3dSeWRro2ddhx-R1jz2O_ocaRN-1cd3L5JlsM1elokvveAJqUCJeu1Ny7tVN3ddhbY_2TSpw9VZwGOzVJsSAnIfpvM0aqTCkdFIGC4MuQAQGJWjvxA92Ngp9b8NdwPacr6VPplCI0qSAqC1O5PPoVxpeJceaINjnWcFkGUN5Y2Voudy4eps-Ob_6FwrtS9qTatyW_xBiikXRzbuAbreaPU4HfIVvct3VPbBjIAhw0yMZb5g_BYngRHhdkxZvtdCp-M8fcR94mNXaF3ZLRYsftf5xzRXH1jNOz_wMHGqtvQVSQQreRPf8_1cPJObd5gniyhTePhfeDV1jIGRElFSQ7A5pqR4wZBldgK8Jq-OzwBmB3QXZY4UYnustR-dnpNo0cWFLj3ys-0Li-XnWkb0bTWxvJ95qJ1eWGndGRF0oNdUFqHNUPVMuXq2opUH7jmTCE0eM6RxxeazFShfxmbeIzO0QbO4_igQw_DbG8cWadKi6T8Go5Q8tF_0cZGysVvLoULwQ5MAg6y24wAJDmyVMT3iM7MIsKIQKhlMwZI3vmWa_bDW0Rkab2Lcvp7DghyXVzVAJWmOTgzBrrdfO3WRcM5J_qB6FegYIof-hJhWHad6yBBCf-LweeZewgmeKxXke7qLG_qzoneEBdwwCD9TrMjqKh06PnLetCNn3U6oDu1Jyo9jWup7XIlD9UqKEZ4B8rtWsuq6SRr_WER0F1Y24FVg8M0jeaZkOs3Jft__Pb3ACMRd8RL0CBnQH2eH_RBcVN5ISAImyQCoKt3-MfGyB1KuNbG3VImd7uZFJTrTDdIV-EcGu0htKNGTvRdMZ473H-m0UdZIzaTJSltx0vGPC3CbQ6sKhhvJoiIBcZ6blUbw-Honcx9YEYwv95sy1c6JzhCMUmXEmOj5IFaX737tGhjGIq3pFOzMz3pKvnyZmd6O9vHd3eCCT4edetw9DPP4cd0oS0xfTHqvBY8VbW4X3JrsyTqT21yvoiW3Cdw4zTbkYl9FMshpIh9dTre6U0nnOQtta6q-c8-obLycqVf5d6XjF5rerMM3YRk0AajknouSZ8ZrgPb_c9MDG8RfeW3vyEv2h9ylkxhY19OSC-VRIAp4dN8a2QLXjN1bjXgznakaf0UoIbZHpxipNu7yUzdJeE7wSqsSdsb3gIqZ6ICMIFhbdp0U9oz1l1yYmsa9F0mYOpoIwUXR2grRT_FqqKeNw-eJjK36jiHJ8LRU6c8xZFeZGyWQLOqFvX2EIdSGPsz05Ep_n60hfwNrxjd6FfJefq60FIcQWO7GSnsZuPPL4-lrubgjN6KplJOyd3xt0c7g5oE3BPy3kZs7ilflN-iEF1XlFuazzoGRyPhcpuwrRsifJ1nl0HBPxg85Ho-4LGj6fUx4HN8Sn_P9z28SOG9tPf2SSI4XOd3q1IONjvgpZj6WpGOAKCkBs25IctCfmRoRYkhWM_I72KxVcZZwjUxi0Stz2dvxGzq1uS8EQ3ACtfnK5tIpKfjIIrIT-40xlNmrCdGqXwM3NwQLIXt3nWZEWNtgEnj45RFmubIwZpz7gU1yQHrKq1ErU0TWoqZBy0PoViPLeWJ-tc&cid=CAASEuRojtXEnWzzSBqYBYQXhta5Vg&rfl=2%2Chttps%253A%252F%252Fobankofamerica.com%242%2Chttps%253A%252F%252Fd652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:02:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9283
x-xss-protection
0
server
cafe
etag
1044373809082006429
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Nov 2021 07:02:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E9E5 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 122D 		783 B
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ac9745f4653cfac1fb1a014a705223094282296614fa651a1d901da02a0b0846
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g1GGz22CmdXQAZeAS8wepQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 18 Oct 2021 07:03:17 GMT
date
Mon, 18 Oct 2021 07:03:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-g1GGz22CmdXQAZeAS8wepQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sd
us-u.openx.net/w/1.0/ Frame C7D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYuqm0twEwAQ&v=APEucNVwzDhzfwpuA5EFEAEzLfKaWICeVxVKssNtL5jCu95nIRDIMg5s-I3C8DQ2WD3neSF88bAma-jbqomSAIVyr6NEH7eII79XvamfN0UvXdwp0yXZ6728qR8dASe59BSwdmk3bDMd8W_xNQKsXUrJ2zVRtzqoE9H26tvPIQdNYGvfjvJVW0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/16.217.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
via
1.1 google
server
OXGW/16.217.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESENK2Rt4JHiXBiCcRJ-vrS1g&google_cver=1
date
Mon, 18 Oct 2021 07:03:17 GMT
via
1.1 google
server
OXGW/16.217.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame C7D1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYuqm0twEwAQ&v=APEucNVwzDhzfwpuA5EFEAEzLfKaWICeVxVKssNtL5jCu95nIRDIMg5s-I3C8DQ2WD3neSF88bAma-jbqomSAIVyr6NEH7eII79XvamfN0UvXdwp0yXZ6728qR8dASe59BSwdmk3bDMd8W_xNQKsXUrJ2zVRtzqoE9H26tvPIQdNYGvfjvJVW0c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
server
OXGW/16.217.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzJkZGIzMjUtZGNmZC0yOWNmLWNkYmUtNjAyYjIwMzFjYjY2
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame C7D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYuqm0twEwAQ&v=APEucNVwzDhzfwpuA5EFEAEzLfKaWICeVxVKssNtL5jCu95nIRDIMg5s-I3C8DQ2WD3neSF88bAma-jbqomSAIVyr6NEH7eII79XvamfN0UvXdwp0yXZ6728qR8dASe59BSwdmk3bDMd8W_xNQKsXUrJ2zVRtzqoE9H26tvPIQdNYGvfjvJVW0c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 18 Oct 2021 07:03:17 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFTAE9A6KXURwVV653el4mY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame C7D1 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMj-qgIQgJyQvwIYuqm0twEwAQ&v=APEucNVwzDhzfwpuA5EFEAEzLfKaWICeVxVKssNtL5jCu95nIRDIMg5s-I3C8DQ2WD3neSF88bAma-jbqomSAIVyr6NEH7eII79XvamfN0UvXdwp0yXZ6728qR8dASe59BSwdmk3bDMd8W_xNQKsXUrJ2zVRtzqoE9H26tvPIQdNYGvfjvJVW0c
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 18 Oct 2021 07:03:17 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame D409 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4kH7iz4Fdc8hq2ACVEtODsQ7UURikECMUwYSC-qz0Va2XSIg7OjKRPJRTNfVN6SmpagQdfYp9U1kkv9wreCizF76eL6_8KQNO1jrVOYyzmpDHEBNvpR-jf3VVtCjU9yP783BZuF9sPothEvDq-tuVFMBJt2rqHR22QBwREYe3Ol7hJ65w5CnQGoRxDjWVH4XjFx9Y3I5DkdXnWAos2FWkPYVJlCAFtHQCtMLQcRGqQhFm3TBn5qHZcuK4TDnH8i2-9S-c-g2E8AYI8KAhXC1XhqcXGoXC23HQnRYsimNcdJ4W2W2EZWz5uLgUeE02QzmXk_ShN93rASlgor4xD1KkP2arzK7UNq6b55B-06bfYI5yhDZ1vCxAPqakoR7VNbOqTppsVGWCvc94WHfJ5DcaL0ucG6uaT9RkBWMtMdzXsQze00nxIwb0h7NJ-wOc3hKJXa50Ep9SVNfvwr-8eLfb_8Cg7Jcon5CJ2rYQYGEwqKGkqJbFZ21WVlerw94QKIhSKLLd6HqyuKBO_Pc3HGQQGoqy6nfGiD5Ofq30LVUESMHn8yYPUa8UR4LBFmPqe61Q2KNYVwIiP3ads3JyxHOIa9QtFtT5QhArJq2r1T4MVrgi6v_stazrQrrv7JHg9SULW469DqEWXi_tXTsl7VduQ_5phrA9F3FTtDcccj4Ed1Y3RhsmwZFwy9FSknkkWLHAZmGGbzNGJYfJ1jOdHJwzTSG918D7NMmgtFGsR-TNfIwOPJHGRRjEfx5pCVghQb5fdqHwe0XMqTlcr_ltZqBzACxkHXh-kx579Z9zC4fxKO1YvXFR_BSN1P6p6hloiYsatu4VQxWkajjeXfhlKPOAiGkQdm8ObWQRyfiraa4YeZwb8uNUQ_6GXfLyvofUV0EpnwgSJEdwODjN2fn3g-xZ_DuKVTgR1w1q0WNwT1w55_aluJg6Wxs_0seHgEdKfGccYgkhZ5uMmYPfcMaQi0i6LUY_g07SGo2PVqMjfrhq07R9wALd-MEd0F_5x2VClyWpBVmmz5WviUgZ5V-X2nKp2zX2RaUcSC5lSgXOi942Vyil1j-MMsWCpHHAIO6MCrk6fL5iu81d_Ww_yvgn2mBd-jpo01VT09POU6HtsBVHQnmORQ0Qd_m8HvSwSB5XQhhbBnOQSLxGUVim3IegZSTCgy2oym1WGA&sai=AMfl-YSpZbOOZPDn1lS0FeJcY8l7iU3CxVDTkAVEylg1tRQludzVio4GHlSLAkme61ri8Xtr4gHFx3JPQGRO9DIReCdXAmeQSWFJK29u5YLHSd80FgxA7J3GawA2GkgiaSftLiDbYlbBWlXYcY3hZm7IEvubt-95XgtWs9qJA_2R4te5GxR6p1gVCwVxEWfB4UtTbo4fa-BOzVjpHWrWhFu5A1U1QQ&sig=Cg0ArKJSzLHnMqeSVP2KEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=77&vt=11&dtpt=76&dett=2&cstd=0&cisv=r20211013.79064&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
300x600.html
s0.2mdn.net/ads/richmedia/studio/pv2/61692970/20210607074802688/ Frame 3B99 		42 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692970/20210607074802688/300x600.html?e=69&leftOffset=0&topOffset=0&c=NF79w6lVYu&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45c432c16a068645114767942ab1d37d492d21e4407927dd39e380ed912c944f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61692970/20210607074802688/300x600.html?e=69&leftOffset=0&topOffset=0&c=NF79w6lVYu&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
10103
date
Mon, 18 Oct 2021 07:03:17 GMT
expires
Tue, 19 Oct 2021 07:03:17 GMT
cache-control
public, max-age=86400
last-modified
Mon, 07 Jun 2021 14:48:02 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 73AE 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS-rayUZMpQ72jxpOZZBhZ3AfIzF05JV6DNVJR4KwuP7LQSShJBh0DicDZIDO2HWfbogaPb-i5qjnIgFvf061m19lVuSm4iKfuEalGZUt29gJxeGYJHxoOV9f_xv3x5UjhJ5c0upoWAmgwgh2S3pWYcozpCzKm5JVsjQebbO2aT3B28-UgpvXC5r1KDfHZ43IoxYp0YV4sjQW03Y0CylmT4hePwntz21eKMaEVqjucypM58X0GupEHMNsa6pSoI1u34aPTASbZFRoZFr2qPlDBz0Vc1ClokxQWQs1CaoNVqg7OSDFhRbwbsQ09zG48ff0sMCwVJFGwLkPOF5jraeBg6F4vDNaE1duhGnuEBeWa_6rlS5NjNHjsjn9vKMDm5tGzi0pc5tChklycLrczbMRQNoFwT4TX3gpj23CVGlgngyYsQS6fJUIHgtLXfTg3z9Vb8F8-szWmYslVUXvJwPTd1M9cuJL0N5C_A_wb_WLmbe-uKgobKP8L2Q32CFWXh1wvgn_OAQcv3KQVf1_Q5nJiOvZuebY8QNmIrDTgtuFIl5DN-wmJJqoCcTO4BqUo8jGqhUtVDeejriBQ9mSqNnY-YBqCkcpa7jVtTNH7FxERlF7AZp-rDw0H3Ol1tngQMfwzhT28L6wm06PzY_OQXHh3JCNL88x8aFqbBYl1S8dfPmTdSHpYCNhaIixgnSPcVYtwvX3oH4M6tlV6psBK2UJeucReHWFRrXJFp3kzZicQf7qac4LRMinE8PMOSMiNyF3681l9vk7lQ3D-FrwouLFrf-27aZb-qN2VgnNF_Br0b40kNdMWXPG6Tv0XTy_1pR1wCgC8nfw-B9R1b3jA26JiLniFkVmMd6Rd-DlpLzrAZpZvaCEPavxjheCPc9JwBY19ZKuhavflnonUSkuhBhReaykCzgn0sDpb-UudEBdONMONmG6hN8kVY5xnHFRwYRRMASuv7Wse9sZQNXB2YliZW4XPQuaGQGwk6NXLEktY8w-MUM1WiCry24zcRaW7vXXeHH5o2g8b1RoHTKCf3hFl2gesxlQzkJnUtKbbUOjVgE3fqwxyvLgowdq0YRNY6-aHCwfIqvSgvAzVi-L3Mm0qdi4jxNkH9wyOkJbHFdMQGe4q_UC4sp0mAgOHoVGSW_QcK49px86ffcQztUdfYQeX9lynOS0E4xpgPuaNNFYPLI5sYZEMe419GJMTqZf-N-wVtICJhuCO_GkROWLwF7T9gdpcwlKHwFrcdnVm&sai=AMfl-YT7tzvWCB8hNnEGJ3CJHVLiuQPNJYJymC47icEYYxe615XOuqGiDGS3mReTwz0rtoyziadjBl-rBgYJ88JDkd8x-TMEzP-p8Cz7nK_sRAPCjd1btXKx9BekBMv8okLdMdCM-1kbKpT1fcP9WOLvpTCXmJkSEg&sig=Cg0ArKJSzHOSXLrNiA5xEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=79&cbvp=1&cstd=75&cisv=r20211013.93378&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 18 Oct 2021 07:03:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 73AE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35436
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 74EA 		1 KB
756 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 17 Oct 2021 21:06:15 GMT
expires
Mon, 18 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
35822
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 7E1C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101301&jk=4100732491722048&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame 2E3C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGx3bUtZTG0xTUNtRzE1&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&google_cver=1&google_push=AYg5qPLT82lMeUYx2gYTdAeb1FTdLdLuzatM0wMuFjEw-31...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGx3bUtZTG0xTUNtRzE1&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&google_cver=1&google_push=AYg5qPLT82lMeUYx2gYTdAeb1FTdLdLuzatM0wMuFjEw-31Wk1WKtctg0Fa9bhbSpmIN1Nk7vBZZWFbEjdcXFHpeY7Ax5U2RcauO
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Oct 2021 07:03:17 GMT
Server
PingMatch/v2.0.30-689-g30920c0#rel-ec2-master i-07db4e5334900ea3f@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OGx3bUtZTG0xTUNtRzE1&google_gid=CAESEFf_WVbbvThPjsX4lJiboVY&google_cver=1&google_push=AYg5qPLT82lMeUYx2gYTdAeb1FTdLdLuzatM0wMuFjEw-31Wk1WKtctg0Fa9bhbSpmIN1Nk7vBZZWFbEjdcXFHpeY7Ax5U2RcauO
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2E3C
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEEAjpRDmTeSqK0Nh0PQ_0AM&google_cver=1&google_push=AYg5qPIAgDQitXky3F_gEI2ySCUk-DqneDFWyW2CcLAuewDplw2KnlIR-rWjKkyQZplWSugPFXEG-nH48HDwVhJr2q1K6Jcq1Yzp
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F7C0FEC7BD4137A766311269102BBF&google_push=AYg5qPIAgDQitXky3F_gEI2ySCUk-DqneDFWyW2CcLAuewDplw2KnlIR-rWjKkyQZplWSugPFXEG-nH48HDwVhJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F7C0FEC7BD4137A766311269102BBF&google_push=AYg5qPIAgDQitXky3F_gEI2ySCUk-DqneDFWyW2CcLAuewDplw2KnlIR-rWjKkyQZplWSugPFXEG-nH48HDwVhJr2q1K6Jcq1Yzp
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=19F7C0FEC7BD4137A766311269102BBF&google_push=AYg5qPIAgDQitXky3F_gEI2ySCUk-DqneDFWyW2CcLAuewDplw2KnlIR-rWjKkyQZplWSugPFXEG-nH48HDwVhJr2q1K6Jcq1Yzp
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Oct 2021 07:03:17 GMT
pixel
cm.g.doubleclick.net/ Frame 2E3C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPIL7vUklm3lvTIETI_Thdb9SdgwIynz-7fAVJIOY3JDBt4frqiMHhkLxNx_3r4XEGsZi8jkne6-...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIL7vUklm3lvTIETI_Thdb9SdgwIynz-7fAVJIOY3JDBt4frqiMHhkLxNx_3r4XEGsZi8jkne6-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIL7vUklm3lvTIETI_Thdb9SdgwIynz-7fAVJIOY3JDBt4frqiMHhkLxNx_3r4XEGsZi8jkne6-Lm3BJrkHK-USy_vtey6d
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIL7vUklm3lvTIETI_Thdb9SdgwIynz-7fAVJIOY3JDBt4frqiMHhkLxNx_3r4XEGsZi8jkne6-Lm3BJrkHK-USy_vtey6d
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2E3C
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQtRUQAYQ3iy4RhCsTK6cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQtRUQAYQ3iy4RhCsTK6cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL87QxMMK_doJHdJcMa3efW7o4fYkT7bPuiVLxFt2Oh5Qb3tU82P2G5ajG4LNB0VTOuWoJWyywvE83ob0a5dK9zx1S5HkBS
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=eQtRUQAYQ3iy4RhCsTK6cA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPL87QxMMK_doJHdJcMa3efW7o4fYkT7bPuiVLxFt2Oh5Qb3tU82P2G5ajG4LNB0VTOuWoJWyywvE83ob0a5dK9zx1S5HkBS
date
Mon, 18 Oct 2021 07:03:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2E3C
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBal4EnQ6CErYedZAHqmerA&google_cver=1&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBal4EnQ6CErYedZAHqmerA&google_cver=1&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc2wxksJ33GPt&google_hm=b58ead9751fbe33c055cc12d
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc2wxksJ33GPt&google_hm=b58ead9751fbe33c055cc12d
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 18 Oct 2021 07:03:17 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIXy918c4gpFO0w6Uuz73CnM-MuCWpdCUUcS-7aXBqXTY0GZCgfmdeVYausbhxfiAdYZtxbh9ubB6JzqKzTc2wxksJ33GPt&google_hm=b58ead9751fbe33c055cc12d
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 2E3C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAp5N83w0sbGGJBdpdSqvlE&google_cver=1&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YSw7VdoyEBUMwlkpI2j...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEAp5N83w0sbGGJBdpdSqvlE&google_cver=1&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YSw7VdoyEBUMwlkpI2j...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ubzhmN2xKRTJ1SFhndWtfbGRJT1pfUnNnMksyVEFqM35B&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ubzhmN2xKRTJ1SFhndWtfbGRJT1pfUnNnMksyVEFqM35B&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YSw7VdoyEBUMwlkpI2j_bpmK9boXJQnWKOFgGpPfRXaQtEA
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 18 Oct 2021 07:03:17 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS0ubzhmN2xKRTJ1SFhndWtfbGRJT1pfUnNnMksyVEFqM35B&google_push=AYg5qPIDRZBe6XpSrFtYASAnMGfJhBM26zJoDUbEtJGDGoj1jNKbBu3YSw7VdoyEBUMwlkpI2j_bpmK9boXJQnWKOFgGpPfRXaQtEA
Connection
keep-alive
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 2E3C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JhYiEhbNeY0uYaHHotDZ6ynXInRQ3fAKdYzwkwXTMJwXKq4A9Wh7MAOzKtN5oVggY
Requested by
Host: 53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
URL: https://53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
pagead2.googlesyndication.com/bg/ Frame B657 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
dcda55d2dfecb25e899e239064366ad3e8ebda504c99bd114975032def09f033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
35436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 122D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021101301&jk=2698346140837667&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
pagead2.googlesyndication.com/bg/ Frame 4E9E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
dcda55d2dfecb25e899e239064366ad3e8ebda504c99bd114975032def09f033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
35436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
pagead2.googlesyndication.com/bg/ Frame E9E5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3NpV0t_ssl6JniOQZDZq0-jr2lBMmb0RSXUDLe8J8DM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
dcda55d2dfecb25e899e239064366ad3e8ebda504c99bd114975032def09f033
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 21:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
35436
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13493
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 21:12:41 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1F78 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Sun, 17 Oct 2021 21:12:41 GMT
expires
Mon, 17 Oct 2022 21:12:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
35436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 3B99 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61692970/20210607074802688/300x600.html?e=69&leftOffset=0&topOffset=0&c=NF79w6lVYu&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692970/20210607074802688/300x600.html?e=69&leftOffset=0&topOffset=0&c=NF79w6lVYu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 06:37:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Oct 2021 06:37:40 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3B99 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61692970/20210607074802688/300x600.html?e=69&leftOffset=0&topOffset=0&c=NF79w6lVYu&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61692970/20210607074802688/300x600.html?e=69&leftOffset=0&topOffset=0&c=NF79w6lVYu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Oct 2021 07:03:17 GMT
/
google2waycm.netmng.com/cm/ Frame 74EA 		0
0
current
dclk-match.dotomi.com/match/bounce/ Frame 74EA 		0
0
pixel
cm.g.doubleclick.net/ Frame 74EA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEKR928MPOoVFkQ2hlUx3Rfw&google_cver=1&google_push=AYg5qPKM2AImTlR0pBq_FxQ5u6MR3TmzJ2t5h6GX7EpGSjlkuXS9xGUcbxlK-LvhioilL2gcwHNrumLtniBHVf...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMDI5ODQwODExNTA0MjQ1Ng%3D%3D&google_push=AYg5qPKM2AImTlR0pBq_FxQ5u6MR3TmzJ2t5h6GX7EpGSjlkuXS9xGUcbxlK-LvhioilL2gcwHNrumLtniBHVfVlyn...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMDI5ODQwODExNTA0MjQ1Ng%3D%3D&google_push=AYg5qPKM2AImTlR0pBq_FxQ5u6MR3TmzJ2t5h6GX7EpGSjlkuXS9xGUcbxlK-LvhioilL2gcwHNrumLtniBHVfVlyndKvjptsGbS
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAyMDI5ODQwODExNTA0MjQ1Ng%3D%3D&google_push=AYg5qPKM2AImTlR0pBq_FxQ5u6MR3TmzJ2t5h6GX7EpGSjlkuXS9xGUcbxlK-LvhioilL2gcwHNrumLtniBHVfVlyndKvjptsGbS
Date
Mon, 18 Oct 2021 07:03:17 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 74EA
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEPV7l8920FoFMuD589q0iq4&google_cver=1&google_push=AYg5qPJpQ9Ntb7XME_YIv8MQAx7C0eAE7FpVcVh4JACDTtZlv_jlmjI2thQ58AblqJeRA2V9kUsAKgOMopgCYJSM...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GQUEZC1eSQq_TfsvX4NHaw2&google_push=AYg5qPJpQ9Ntb7XME_YIv8MQAx7C0eAE7FpVcVh4JACDTtZlv_jlmjI2thQ58AblqJeRA2V9kUsAKgOMopgCYJSMV34S1ebt-4Un
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GQUEZC1eSQq_TfsvX4NHaw2&google_push=AYg5qPJpQ9Ntb7XME_YIv8MQAx7C0eAE7FpVcVh4JACDTtZlv_jlmjI2thQ58AblqJeRA2V9kUsAKgOMopgCYJSMV34S1ebt-4Un
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 18 Oct 2021 07:03:17 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=GQUEZC1eSQq_TfsvX4NHaw2&google_push=AYg5qPJpQ9Ntb7XME_YIv8MQAx7C0eAE7FpVcVh4JACDTtZlv_jlmjI2thQ58AblqJeRA2V9kUsAKgOMopgCYJSMV34S1ebt-4Un
x-host
tde-deliveryengine-production-7f8fcb5db4-8jqrm
alt-svc
clear
content-length
0
adxRedirect
tracking.m6r.eu/sync/ Frame 74EA
Redirect Chain
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEyxmqULjE7wVsNm4kqTABs&google_cver=1&google_push=AYg5qPKNoiMv6oAgVZbo3S4xOUQyg6E4ZBgEkhah-DlBXpubAai-vbk6Wfjp9...
  • https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEyxmqULjE7wVsNm4kqTABs&google_cver=1&google_push=AYg5qPKNoiMv6oAgVZbo3S4xOUQyg6E4ZBgEkhah-DlBXpubAai-vbk6Wfjp9...
0
0
pixel
cm.g.doubleclick.net/ Frame 74EA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEN92wggEFnZ6oGpERvg1Kbo&google_cver=1&google_push=AYg5qPIeJVDJoMt9UoFj0mgd7G_2gXmwQdghT8fwvpGABnL8yRTfzA-sgIi7-AvNkzvxbEPIRKzWZEeG...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIeJVDJoMt9UoFj0mgd7G_2gXmwQdghT8fwvpGABnL8yRTfzA-sgIi7-AvNkzvxbEPIRKzWZEeG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIeJVDJoMt9UoFj0mgd7G_2gXmwQdghT8fwvpGABnL8yRTfzA-sgIi7-AvNkzvxbEPIRKzWZEeGj1Va4AWsfrujCx5RMOqJ
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Oct 2021 07:03:17 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTEzNTY2ODM1NzY2MzYyNTM4&google_push=AYg5qPIeJVDJoMt9UoFj0mgd7G_2gXmwQdghT8fwvpGABnL8yRTfzA-sgIi7-AvNkzvxbEPIRKzWZEeGj1Va4AWsfrujCx5RMOqJ
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 74EA 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 74EA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JQhGwP5GpNjp5Oh8Tp17kDR96FSv4hpwOLds-y6P-WnXJXHyl__8Iks7DF3WP6R4F-KqYa
Requested by
Host: f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
URL: https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 07:03:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
googleads4.g.doubleclick.net/pcs/ Frame 73AE 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuS-rayUZMpQ72jxpOZZBhZ3AfIzF05JV6DNVJR4KwuP7LQSShJBh0DicDZIDO2HWfbogaPb-i5qjnIgFvf061m19lVuSm4iKfuEalGZUt29gJxeGYJHxoOV9f_xv3x5UjhJ5c0upoWAmgwgh2S3pWYcozpCzKm5JVsjQebbO2aT3B28-UgpvXC5r1KDfHZ43IoxYp0YV4sjQW03Y0CylmT4hePwntz21eKMaEVqjucypM58X0GupEHMNsa6pSoI1u34aPTASbZFRoZFr2qPlDBz0Vc1ClokxQWQs1CaoNVqg7OSDFhRbwbsQ09zG48ff0sMCwVJFGwLkPOF5jraeBg6F4vDNaE1duhGnuEBeWa_6rlS5NjNHjsjn9vKMDm5tGzi0pc5tChklycLrczbMRQNoFwT4TX3gpj23CVGlgngyYsQS6fJUIHgtLXfTg3z9Vb8F8-szWmYslVUXvJwPTd1M9cuJL0N5C_A_wb_WLmbe-uKgobKP8L2Q32CFWXh1wvgn_OAQcv3KQVf1_Q5nJiOvZuebY8QNmIrDTgtuFIl5DN-wmJJqoCcTO4BqUo8jGqhUtVDeejriBQ9mSqNnY-YBqCkcpa7jVtTNH7FxERlF7AZp-rDw0H3Ol1tngQMfwzhT28L6wm06PzY_OQXHh3JCNL88x8aFqbBYl1S8dfPmTdSHpYCNhaIixgnSPcVYtwvX3oH4M6tlV6psBK2UJeucReHWFRrXJFp3kzZicQf7qac4LRMinE8PMOSMiNyF3681l9vk7lQ3D-FrwouLFrf-27aZb-qN2VgnNF_Br0b40kNdMWXPG6Tv0XTy_1pR1wCgC8nfw-B9R1b3jA26JiLniFkVmMd6Rd-DlpLzrAZpZvaCEPavxjheCPc9JwBY19ZKuhavflnonUSkuhBhReaykCzgn0sDpb-UudEBdONMONmG6hN8kVY5xnHFRwYRRMASuv7Wse9sZQNXB2YliZW4XPQuaGQGwk6NXLEktY8w-MUM1WiCry24zcRaW7vXXeHH5o2g8b1RoHTKCf3hFl2gesxlQzkJnUtKbbUOjVgE3fqwxyvLgowdq0YRNY6-aHCwfIqvSgvAzVi-L3Mm0qdi4jxNkH9wyOkJbHFdMQGe4q_UC4sp0mAgOHoVGSW_QcK49px86ffcQztUdfYQeX9lynOS0E4xpgPuaNNFYPLI5sYZEMe419GJMTqZf-N-wVtICJhuCO_GkROWLwF7T9gdpcwlKHwFrcdnVm&sai=AMfl-YT7tzvWCB8hNnEGJ3CJHVLiuQPNJYJymC47icEYYxe615XOuqGiDGS3mReTwz0rtoyziadjBl-rBgYJ88JDkd8x-TMEzP-p8Cz7nK_sRAPCjd1btXKx9BekBMv8okLdMdCM-1kbKpT1fcP9WOLvpTCXmJkSEg&sig=Cg0ArKJSzHOSXLrNiA5xEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=269&vt=11&dtpt=190&dett=3&cstd=75&cisv=r20211013.93378&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=
Requested by
Host: obankofamerica.com
URL: https://obankofamerica.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Mon, 18 Oct 2021 07:03:17 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
pagead2.googlesyndication.com/bg/ Frame 1F78 		35 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/QjHKgOpm15qTJXWLxUnNMS8wTt6682k-qtw68OFTrDs.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 17 Oct 2021 08:40:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
80551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13301
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Mon, 17 Oct 2022 08:40:46 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEEsrlneumZRECyx98JN2k5o&google_cver=1&google_push=AYg5qPJVZv-G-8Yhmekhc3kvd4O5thp0w3hpmTg6dV1rvetiBaCCZbU77GJyF8qlzWvHm7Vz-Swt-wYy-UHC3-z2OZnDXA6AahE
Domain
dclk-match.dotomi.com
URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELTEReoB17BX7tYnwV4cqQM&google_cver=1&google_push=AYg5qPIUALdEq4BFR2lsbTCgWtVvw8yOeB3MUtYSi_XCzCdV_CWkGeV0EuQ0EPUzCv_zAs4e965AHTsBQfPL9GLNpKUriZLviz_r
Domain
tracking.m6r.eu
URL
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEyxmqULjE7wVsNm4kqTABs&google_cver=1&google_push=AYg5qPKNoiMv6oAgVZbo3S4xOUQyg6E4ZBgEkhah-DlBXpubAai-vbk6Wfjp9iQxdlud-FZeIrmUtAz-rPz5PmhFA9rZSQSaNrVE&checkcookies=true
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN2hQCWNWO9U-dsM_l8NgOk&google_cver=1&google_push=AYg5qPLFlrNO4p8ksHgHgGNYJlZUzsSAh33LSTMn_W6s-4dWmpkr09cIA6l5xBtqybFAicSVXtKnIzrFUvHFbUT_8aEpd5vtLvE

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster function| loadCSS function| $ZO2 function| $ object| gptadslots object| googletag number| sc_js_css undefined| ad_slot_on_gallery_mobile string| url_site string| seccion string| marca string| modelo object| adUnit boolean| _is_long_article string| _tipo string| _carnet string| _cilindrada string| _marca string| keyword object| url object| murl object| madUnit function| JCaption object| imgsCache number| iScrollPos number| iCurScrollPos number| wscrolltop number| sticky_height number| dsquiclinkspos number| w_h number| w_w number| search_w number| search_l number| mtabs_offsetTop number| newsl_cookie number| scontent number| idleTimer number| pop_closed object| home_top_right_col object| home_top_right_ad object| home_middle_right_col object| home_middle_right_ad object| home_bottom_right_col object| home_bottom_right_ad string| flag_status number| yt_api undefined| YT undefined| player undefined| player_id number| comments_count_load number| smart_grid_status object| scrollingBox_h object| scrollingBox_h_Old number| r_second_b_attop undefined| sidebar_r_col_h undefined| sidebar_r_col_offset undefined| sidebar_r_col_offset_Old undefined| search_top number| timer function| detectmob function| initTooltips function| loadjscssfile function| preload function| model_grid function| onYouTubeIframeAPIReady function| onPlayerReady function| setCookie function| getCookie function| comments_count function| imageSlider function| smart_grid function| switchbutton function| brandFilterbutton function| modelquicksearch function| lessandmore function| left_right_ad function| loadGoogleTag function| full_short_c function| model_list_smart function| article_fsb function| home_ad_effect function| filters function| reload function| resetTimer function| idleTimerF function| jQuery number| bootstrap_css number| bootstrap_js number| comment_css number| sidebar_css number| gallery_css object| jQuery1124016184585949066377 function| dsquicklinks function| anchorscrolling function| m_init function| ds_titleDropdown function| newsletter function| clonemenu function| showmorecomments function| scrollingFilter function| scrollingSearcher function| scrollingBox function| datasheet_mtabs function| mtabs_scroll number| n object| ggeac object| google_js_reporting_queue function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| googletagCall object| adGiga1 object| adGiga2 object| adMega1 object| adMega2 object| adMega3 object| adMega4 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

22 Cookies

Domain/Path Name / Value
.obankofamerica.com/ Name: _ga
Value: GA1.2.531716827.1634540594
.obankofamerica.com/ Name: _gid
Value: GA1.2.1469405003.1634540594
.obankofamerica.com/ Name: _gat
Value: 1
.obankofamerica.com/ Name: __gads
Value: ID=ff045517be28424b-2241d46cf8ca0098:T=1634540594:S=ALNI_MaMXsgnCisiNdHq-ynqhkYOCn30ZQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmDoamMcuKkNE3MfS1rwJzFe2mOmjXAMfAGQ2f5RvdzEQvAh4sPdZAiKbHhgz0
.casalemedia.com/ Name: CMID
Value: YW0cM.D-3ic4adcHDntHQgAA
.casalemedia.com/ Name: CMPS
Value: 5229
.casalemedia.com/ Name: CMPRO
Value: 1190
.casalemedia.com/ Name: CMST
Value: YW0cM2FtHDMA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In>dn(7p!]tbPl1M>e)ZlrFUfJ+tGXxp)CYj)z@KNAH<xz2M:G(a]D=D8D`dZ$KBMwO8*bpRz*qF1`*bac)*K^xo
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7439088e-8f87-4a32-896d-07dbfbabcac6-003%22%7D
.mathtag.com/ Name: uuid
Value: c4ec616d-1c33-4600-8911-f14bbdc0def1
.mathtag.com/ Name: mt_mop
Value: 4:1634540595
.casalemedia.com/ Name: CMRUM3
Value: 2d616d1c332760CAESECGb-Td3gfRcLV4KfQVrnkA
.turn.com/ Name: uid
Value: 7175684533912092611
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7439088e-8f87-4a32-896d-07dbfbabcac6-003%22%7D
.adnxs.com/ Name: uuid2
Value: 5694062045996304369
.ctnsnet.com/ Name: cid_044cdb3d366045abbb53ada7c6696e09
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 513566835766362538
.tribalfusion.com/ Name: ANON_ID
Value: aIntmIqkaHbBykt9ZbxqPghfm3QRkwJoPfkyqaRyHW05h7u5jXW51FuKwgXDtDM8a57YcXQQtuG45EZb1AjejBGSAZa
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_303197273_146033526_-0&ref=25667676_4307561_303197273_146033526_-0

1 Console Messages

Source Level URL
Text
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YW0cM-D_3ic4adcHDntHQgAABKYAAAIB&google_push=AYg5qPI3kndcYYgUswpj5HBRj71tAUSm5ZZxeF4TIDFdSmDTDUNvzzYLyU-HvGUJojElZivLUERS6bw_yPoHhhSx9h9w5wJtPeo71g&google_gid=CAESEKoGPKR0RB3lW7qpz2gf3FA&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

00b60a390aded31298f0237f320d50d6.safeframe.googlesyndication.com
53ab8df00057ea206686f649674cc05e.safeframe.googlesyndication.com
83ac6b6e7e5aee9be4ea51bb505026ec.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
ap.lijit.com
c1.adform.net
cm.g.doubleclick.net
d13tq2cqmxyt15.cloudfront.net
d652e80cb3ee3b007b7f35f570e8773b.safeframe.googlesyndication.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
f13d6db1c689e54b2934b3feb880359c.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
match.adsrvr.org
obankofamerica.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
r.turn.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tracking.m6r.eu
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.motofichas.com
cm.g.doubleclick.net
dclk-match.dotomi.com
google2waycm.netmng.com
ssbsync.smartadserver.com
tracking.m6r.eu
www.googletagservices.com
104.111.242.245
142.250.181.226
142.250.185.130
142.250.185.98
159.253.128.183
18.193.4.24
185.29.134.244
185.33.221.11
185.64.189.115
2.18.234.21
2001:678:cb4:bbbb::11
213.19.147.45
216.52.2.19
2600:9000:2057:400:4:4f50:1e40:21
2606:4700::6812:d05
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2001
2a00:1450:400c:c04::9c
3.126.56.137
34.116.74.150
34.98.64.218
35.186.193.173
35.190.0.66
37.157.6.241
69.173.144.165
76.223.111.131
82.113.101.132
82.98.176.31
85.114.159.93
028967ce63f1dc502cbc50fce6c1d765d5b8ba579cedf67440d26613b72f6603
04bbede4f72508d7a23ac323498251a0002cf62d24d778bbe82bf28f7b412adc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bb775e23934c5478dab7517dbf8a614834c96e926c4498b734399eb8a2e640d
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17d1cf42245d2ef2eba8dfa67ca52099000b92e9435cd9d362cb0b527f1e61ae
1ac72f08948a2ab0562b6dcbabadd3f3414dfe53e47482d78c7860ea4afb84f1
29ae43f03b8f5eac942435f29a69b933105b6245ef692b91e1bb5f1f7d08d822
29d3ac66cb7823c6a5771bbb0ee77b819f72c251c06f7c9eb5c3000ea9611b32
2a2436f5dcc89c67af1d2a188f41976f99a465f93eda716a21682861e8b5049e
2aad6719c09c388e29d91958aeb0c35a8b46f0e4ec91b3320bd7ed72e2e212da
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2d83ebac8aaf7b702dfb804ef1b8000fa7caedceda307ff0ceecd7fb0680213a
2f5112906eabdeacf910ccbff012ad4d9f91faa1e9f0cecf70d2469fcdad5a9d
302226a5cf639d8b3d141d54a2f82e421a89e4282a883642bc5f29a411027f6d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3597332bd4c2f6fb7187e3dfd1c87d76db41393497a3d5979662e9a77729c9cc
3739f7e3f233afefaaf897a2c109cd3dcce3799125f58957b4a622b610511a63
4066fd0a04b8661675e82a7f4d2ee8f19f1b56c75ac9e3f566c70d3f145039b7
41d9de265e720a301cbd9c525fa7089a677e0b099b422579a401516212b5add3
4231ca80ea66d79a9325758bc549cd312f304edebaf3693eaadc3af0e153ac3b
45c432c16a068645114767942ab1d37d492d21e4407927dd39e380ed912c944f
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
474b6b6ae9279599a12c5244eabde929fc536446c6a539192244b3c18898981a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc1b05f98442359892e0177a892f071cc0ae1d145801c8288e0aab7b067c498
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53bb85849942fe0fdb6998300d0c68f1727a6f34a3bdcd9f6f8f12476f64b1e9
552109b217566153d7b6af5b791a0cc4b6265a1946afcf15b6de62f3476baee6
5775b8862843b70917777ecfc11a069e866aec6d7a6fdede172edcf9e862f843
599ad71fae7cb8d014f7c2d29b8450bc7c34f8e32d49fa103716becef8ae9964
59ed0d781d748658f0995fbeeafdcadf81122cafb6854faab8d03289cf7cc863
5a8d15b5eaa48b5607e6f0f63bf0ecbd361309c0a314a74872812f695d784378
5cd30a5ea630c5918b368d97e660bca26c52060476052172f655a9b12e1a5884
5ef3d77067143b374e45165a5b091a8ba69a6ebdda4bf9d8e5b6ce9cd8afbd35
5ef9e96ddb990925c293831963f2b5da6a29232cba2540c1126ded87c95f80e1
5faf62169f7da6114f53dd0a157ed71226bf96b65bf32b793787fdf3959eab17
620832384db769005621cf062865aa207cddac3e6b8989de4fd6b6906e4a7e21
6237a85adb2ca0fefe8ced210c8c108658c45a1468d826cf0c35b5222a9d7d3c
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
6b3e2fc337b32194f1e28751762144baee1844b0b69c8f1fe43a2317d2efa4e0
708f3e65df746ce52aa2da4458ba8227142afcf4f7c604404faa97fb1c7edd01
72332ed8866e479889aefb2b570a7007f5b64d8ade2bcea3879a2622a7f4d660
7520958e95b85ec20449739628fb761b6b3ae4e616e8c359163c33b65d00439f
77853315d2369bcb8b22545cc192f72f62aa912ea6a5a708782c0463ddaeeaaa
7885d5344938dfc178f8b521a7542346f7e2db1bd0cb0ff5e36dce9f81eceb75
7926fbda182418930ec6d094f7341cd12c4812cc1691da5d0177f7fae75c4143
7aac57c1e43998c8b833a07f48474fbf7d51f81b87ea2b2ff98eff177a0436df
7b164b55d923436d57a934eef56e099b3eaf4cc638e22a377ae768c9faf3a696
806546a8c77e194561ce4b86c1799765ee57bde30100cdbc22595e5b5422dc6f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
860642fdc6b287a294f65d054f666b1fbd3dea4bf9f43144a8c27d3784c00e22
8aa688232baf7da85a88dbd33964b3b0efe766d8754c32da59e1551bd4b6be05
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
99943c61d9b6810556c3936ea2a25aa6fee5747470ddcef4e20d0ee29e486d5b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b59eaf6a8178d7b92e8367fadb702572655beafa51772c05b6278871c8c9475
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
9cd51539b72e46d024a93b71ef9e2d45ae8c2d575b3481c2fc3eccb2d552153c
9dd15bb32f2eccd3cfbbeb820e948a9fcde37d4d40f35495a97768cc9911e18f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50b13170a8b0fdf43d976275c8529936532a6a3cc39cdf994c7380317df2890
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6828bf9516807c892a64abe314658777c36824e910a9fb5e6ab31070084b796
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaf2f7bc90cc29a453bd07229397a5124581a75d0f0675ca3cf87c051fcb6813
ac9745f4653cfac1fb1a014a705223094282296614fa651a1d901da02a0b0846
adacfff51021fd65f61cf89d5bdb7432993df747dc92b8c327ab4afc6114f858
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b29507fb6668637b13c34941b74ef9fa939afcb554204dbef9dde887f7ff2d3b
b2ec3db0c3ffe01385ebd2fa36b83708e505fada5609f9859a8e04a9cbdcaefd
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b8d0686fa3b6082b3e684c5925dc585db636154775e3e8eba399ad46b878430a
be6026ee43686dc089b8ce4dd9a9aa72fb28a2a53cf800e9997ba50c0587c276
c7e536b79cd591ba2baa9affcd371c7941e8a597b23b332c6b9fee4494a621f2
cc4c0cf9df4e976c9925ae093daa32de937fa65d6f681984798345de6fc1345f
cf43029467c206ba5c103fa6a010a613fbad363e35524b16b2e2815592fd82bd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d4db45736fa52a62f53c696debe6cd984bce783886b701746f281437786bbaba
d54a37d8c9dbe2e7db0d87c588c9b3e23735cf1cb0eb9275f7b1c3579980241d
d9ad8df7699a0d6ba7186b67fd574c9cb7951b7eac23cb852abe98b7bb515e04
dcda55d2dfecb25e899e239064366ad3e8ebda504c99bd114975032def09f033
de70cbd675a9cbb631b8380b5a02e519e3f84336a284fd409bdad8fe7e6d5de8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5be30616d437d2baf9041a6648598542ae30fed30d261b002266e5d58969685
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c0b56e0d2efcb529b2ae34b91994105bd6df935ba83c9ef6884a9f709e5565
f4726d988effd5253298f2a2738ca92d780d4105af0ce67eb7e7d1c748fb6909
f9f7d91a866eb82211da55242d79e8db9b1e5f1c904a94017d21a3c95c7cf9ff
fb32c92a0a5ec78418491f41e27687cb5d0c501665badf278ab5496c733e5914
fb9268e99659f17a183de7aa0d4e27453f96c159a7ba99d6482522f8f72d1009
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62