www.logan.com Open in urlscan Pro
207.170.160.160 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.logan.com/
Submission: On June 14 via api (June 14th 2023, 6:53:18 am UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 62 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 47 HTTP transactions. The main IP is 207.170.160.160, located in United States and belongs to MICROADVANTAGE-INC, US. The main domain is www.logan.com.

This is the only time www.logan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	207.170.160.160 207.170.160.160	14001 (MICROADVA...) (MICROADVANTAGE-INC)
18	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
5	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
47	13

1 207.170.160.160 (United States)

ASN14001 (MICROADVANTAGE-INC, US)
PTR: mail.logan.com

www.logan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 133 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	326 KB
11	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 57 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 359	50 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	2 MB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 621	4 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 249	3 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 107 www.google.com — Cisco Umbrella Rank: 3	2 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	55 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1107	601 B
1	logan.com www.logan.com	4 KB
47	9

	Domain	Requested by
18	pagead2.googlesyndication.com	www.logan.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net www.logan.com tpc.googlesyndication.com pagead2.googlesyndication.com
5	s0.2mdn.net	www.logan.com s0.2mdn.net googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	www.logan.com
2	adservice.google.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.logan.com
47	13

This site contains links to these domains. Also see Links.

Domain
mail.logan.com
loganberrybooks.com
rob.com
richardewright.com
chrisachapman.net
lynnchapman.net
marty.rob.com
efistraining.com
lancairlegacy.com
cellarideas.com
albanofamily.net
csepegi.com
5cobbs.com
mrdecorte.org
hartstones.com
mail.lancair.net
lancair.net
www.jrcs.org
www.massport.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh

This page contains 9 frames:

Primary Page: http://www.logan.com/
Frame ID: 40E00BB82F0FFF745D4BC320EA50C578
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1682615681&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1686725594618&bpp=12&bdt=137&idt=316&shv=r20230612&mjsv=m202306080101&ptt=5&saldr=sa&abxe=1&correlator=5021181545327&frm=20&pv=2&ga_vid=202072502.1686725595&ga_sid=1686725595&ga_hid=1115776777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C44772268%2C44788441%2C44793498&oid=2&pvsid=1244039673231688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MxV666WoUv&p=http%3A//www.logan.com&dtd=334
Frame ID: 7A13AC6934B5D2DF7E36E49EE53F44BD
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNWyXXNy-GBhMmW374TBKljgJOcQs2IzVYfdtX0_mSbgzA_5O-scsCmFZQabQlOqWI7NQhCsW2D8n-guyChnp-s0-lf6XtzlXnIcq8hR0SRcXUc6E3M4kBmpH7fUmq4ZMy07olkEu-_09RN_48dzy9ryIFQwpZw_ypWlbYdedmMMPGk1OQE
Frame ID: 1A44C65CB37E775556B1F60B1FBAFF2E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A212B6F51A2ECC1F95F3B73F4707039F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
Frame ID: AC09C1F910D7A46EBDCAB8C16A6287F6
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230612/r20190131/zrt_lookup.html
Frame ID: 4FBFB0C9509AD931F7E55B35014DFA8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&adk=1812271804&adf=3025194257&lmt=1682615681&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.logan.com%2F&ea=0&pra=7&wgl=1&dt=1686725596394&bpp=2&bdt=1913&idt=2&shv=r20230612&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fcbeeb54199179-2282ac2aa6b40072%3AT%3D1686725595%3ART%3D1686725595%3AS%3DALNI_MZgc3ir9KxLgYPFLRW8ghggKkTwcg&gpic=UID%3D00000c4ec3079765%3AT%3D1686725595%3ART%3D1686725595%3AS%3DALNI_MY85JB8vcteJcjscISrK4JQ2LvpqA&prev_slotnames=9740388826&nras=1&correlator=5021181545327&frm=20&pv=1&ga_vid=202072502.1686725595&ga_sid=1686725595&ga_hid=1115776777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C44772268%2C44788441%2C44793498&oid=2&psts=ABHeCviH761w79fOnXCqvIxTNa0xeEde64LUVr9KFMiakC9202zUTjK5PxPfwFNDja_B-DoN9CeUkVeIh15IIJD7PB7fPNI&pvsid=1244039673231688&tmod=622245943&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=32
Frame ID: EDB1069131EE65C5349A11B1A145BE64
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A63E49A359326205267CB953BCEA637F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 451124BD257B8D5D64B13435EA487C9B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Logans

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

47
Requests

87 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

13
IPs

3
Countries

2641 kB
Transfer

3690 kB
Size

8
Cookies

62 Outgoing links

These are links going to different origins than the main page.

URL: https://mail.logan.com/
Title: Read Mail

Search URL Search Domain Scan URL

URL: http://loganberrybooks.com/
Title: Loganberry Books

Search URL Search Domain Scan URL

URL: http://rob.com/pix/
Title: Oops Photos

Search URL Search Domain Scan URL

URL: http://rob.com/rob/
Title: Rob Logan

Search URL Search Domain Scan URL

URL: http://rob.com/lancair/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/ann/
Title: Ann Logan

Search URL Search Domain Scan URL

URL: http://rob.com/us/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/russ/
Title: Russ Logan

Search URL Search Domain Scan URL

URL: http://rob.com/brenda/
Title: Brenda Logan

Search URL Search Domain Scan URL

URL: http://rob.com/wright/
Title: Jen Wright

Search URL Search Domain Scan URL

URL: http://richardewright.com/
Title: Richard Wright

Search URL Search Domain Scan URL

URL: http://rob.com/us/2011/Susan/
Title: Susan Wright

Search URL Search Domain Scan URL

URL: http://rob.com/chapman/
Title: Curtis Chapman

Search URL Search Domain Scan URL

URL: http://chrisachapman.net/
Title: Chris Chapman

Search URL Search Domain Scan URL

URL: http://chrisachapman.net/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://lynnchapman.net/
Title: Lynn Chapman

Search URL Search Domain Scan URL

URL: http://rob.com/willingham/
Title: Massey and Carrie Anne Willingam

Search URL Search Domain Scan URL

URL: http://marty.rob.com/
Title: Marty Weinhous

Search URL Search Domain Scan URL

URL: http://marty.rob.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://efistraining.com/
Title: Josh Brungardt

Search URL Search Domain Scan URL

URL: http://efistraining.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/bream/
Title: Bruce Bream

Search URL Search Domain Scan URL

URL: http://rob.com/bream/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://lancairlegacy.com/
Title: Don Barnes

Search URL Search Domain Scan URL

URL: http://cellarideas.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://albanofamily.net/
Title: Tom Albano

Search URL Search Domain Scan URL

URL: http://albanofamily.net/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/matt/
Title: Matt Bailey

Search URL Search Domain Scan URL

URL: http://csepegi.com/
Title: Chris Csepegi

Search URL Search Domain Scan URL

URL: http://csepegi.com/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://5cobbs.com/gallery3/
Title: Chris Cobb

Search URL Search Domain Scan URL

URL: http://mrdecorte.org/pix/
Title: Mike Decorte

Search URL Search Domain Scan URL

URL: http://hartstones.com/pix/
Title: Rob Hartstone

Search URL Search Domain Scan URL

URL: http://rob.com/ziegler/
Title: Keith Ziegler

Search URL Search Domain Scan URL

URL: http://rob.com/morton/
Title: Rich Morton

Search URL Search Domain Scan URL

URL: http://rob.com/clarks/
Title: Clark Hungerford

Search URL Search Domain Scan URL

URL: http://rob.com/mahar/
Title: Mike Mahar

Search URL Search Domain Scan URL

URL: http://rob.com/smith/
Title: Rob Smith

Search URL Search Domain Scan URL

URL: http://rob.com/josh/
Title: Joshua Luckner

Search URL Search Domain Scan URL

URL: http://rob.com/forearms/
Title: Mike Kling

Search URL Search Domain Scan URL

URL: http://rob.com/tkg/
Title: tkg

Search URL Search Domain Scan URL

URL: http://mail.lancair.net:81/lists/lml/
Title: Lancair Mailing List

Search URL Search Domain Scan URL

URL: http://lancair.net/pix/
Title: Photos

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft/
Title: MineCraft

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.19/
Title: 1.19

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.180/
Title: 1.80

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.175/
Title: 1.75

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.164/
Title: 1.64

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.147/
Title: 1.47

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.131/
Title: 1.31

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.123/
Title: 1.23

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.10/
Title: 1.0

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.18/
Title: 0.18

Search URL Search Domain Scan URL

URL: http://rob.com/minecraft.15/
Title: 0.15

Search URL Search Domain Scan URL

URL: http://www.jrcs.org/
Title: John Reich Collectors Society

Search URL Search Domain Scan URL

URL: http://rob.com/dunham/
Title: Dunham Tavern Museum

Search URL Search Domain Scan URL

URL: http://rob.com/lnraa/
Title: Lost Nation Regional Aviation Association

Search URL Search Domain Scan URL

URL: http://rob.com/afi/
Title: Adam Ferguson Institute

Search URL Search Domain Scan URL

URL: http://rob.com/liberty/
Title: The Libertarian Party of Northeast Ohio

Search URL Search Domain Scan URL

URL: http://rob.com/cachevalley/
Title: Cache Valley

Search URL Search Domain Scan URL

URL: http://www.massport.com/logan/
Title: Airport in Boston

Search URL Search Domain Scan URL

URL: http://rob.com/rob/audio/undrm_32.mid
Title: Background MIDI

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1&C=1

Request Chain 13

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIlj22rJqP6DgrMsMEbGuwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1

Request Chain 14

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESECLARwf4xfYZRckUFGqs5kw&google_cver=1

Request Chain 15

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NzU4OTQxMDUyNDk4NDI4Mw%3D%3D

47 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.logan.com/ 4 KB
4 KB 507ms
121ms Document
text/html 207.170.160.160
MICROADVANTAGE-INC

General

Check archive.org

Show headers Download Go to

Full URL: http://www.logan.com/
Protocol: HTTP/1.1
Server: 207.170.160.160 , United States, ASN14001 (MICROADVANTAGE-INC, US),
Reverse DNS: mail.logan.com
Software: Apache/2.4.27 (FreeBSD) PHP/5.6.31 /
Resource Hash: f8ac73613302cb8e0b57f78e0d4629f7cd87ed44a820e7c32ab4c3dbd6d464f1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: close
Content-Length: 4061
Content-Type: text/html
Date: Wed, 14 Jun 2023 06:53:12 GMT
ETag: "fdd-5fa547e017f2c"
Last-Modified: Thu, 27 Apr 2023 17:14:41 GMT
Server: Apache/2.4.27 (FreeBSD) PHP/5.6.31

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 93 KB
34 KB 102ms
68ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52307ecdac6c520495d76cb72cc8b7ac1108b1323c2c956f8dbd10723bb11215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Wed, 14 Jun 2023 06:53:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2736948039998045837
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34592
X-XSS-Protection: 0
Expires: Wed, 14 Jun 2023 06:53:14 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/ 352 KB
118 KB 148ms
97ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5359790986991748&plah=www.logan.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa263faadced628548c7c2c0537ab7b3c5db63a30736ea98cf5ccecda608bf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:14 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120790
x-xss-protection: 0
server: cafe
etag: 15872499563487829915
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 06:53:14 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 83ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.logan.com&callback=_gfp_s_&client=ca-pub-5359790986991748

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5359790986991748&plah=www.logan.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3971c2cf6dbbf116d5cec2ee8c33d865a731e46bb4fce14caeb4fd686d5ecee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 85ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.logan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7A13 20 KB
9 KB 283ms
230ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1682615681&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1686725594618&bpp=12&bdt=137&idt=316&shv=r20230612&mjsv=m202306080101&ptt=5&saldr=sa&abxe=1&correlator=5021181545327&frm=20&pv=2&ga_vid=202072502.1686725595&ga_sid=1686725595&ga_hid=1115776777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C44772268%2C44788441%2C44793498&oid=2&pvsid=1244039673231688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MxV666WoUv&p=http%3A//www.logan.com&dtd=334

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bd36a526ca39df97cdc1b54ffb9ffcedfe638ed6a299c75d529077907413a9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8909
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 06:53:15 GMT
expires: Wed, 14 Jun 2023 06:53:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A13 42 B
173 B 58ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYRA7LKAfgYqRTD2FkI7_mPTu76v-Kep7EbVnpO4J0ggQMUMdNHo4LeBqyDgM77wH7vrcDcFyHglHj2uDLL3MbVGge94Iiiz8aHlWESF_yiZDEgAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1682615681&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1686725594618&bpp=12&bdt=137&idt=316&shv=r20230612&mjsv=m202306080101&ptt=5&saldr=sa&abxe=1&correlator=5021181545327&frm=20&pv=2&ga_vid=202072502.1686725595&ga_sid=1686725595&ga_hid=1115776777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C44772268%2C44788441%2C44793498&oid=2&pvsid=1244039673231688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MxV666WoUv&p=http%3A//www.logan.com&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A13 0
58 B 57ms
57ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10756723562731178041&x=1&ct=119

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7A13 78 KB
28 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28042
x-xss-protection: 0
server: cafe
etag: 3261498652431352696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 06:53:15 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230612/r20110914/client/ Frame 7A13 3 KB
1 KB 73ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230612/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 16:58:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230612/r20110914/client/ Frame 7A13 19 KB
8 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230612/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6a668741aaae51af53932f5546ed0ba37f4c96c432e47497fa57a020232e332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 16:58:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7977
x-xss-protection: 0
server: cafe
etag: 11528802260939709675
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 16:58:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A13 176 KB
55 KB 47ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56133
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1686570138914868"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 06:53:15 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1A44 624 B
508 B 74ms
73ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNWyXXNy-GBhMmW374TBKljgJOcQs2IzVYfdtX0_mSbgzA_5O-scsCmFZQabQlOqWI7NQhCsW2D8n-guyChnp-s0-lf6XtzlXnIcq8hR0SRcXUc6E3M4kBmpH7fUmq4ZMy07olkEu-_09RN_48dzy9ryIFQwpZw_ypWlbYdedmMMPGk1OQE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1682615681&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1686725594618&bpp=12&bdt=137&idt=316&shv=r20230612&mjsv=m202306080101&ptt=5&saldr=sa&abxe=1&correlator=5021181545327&frm=20&pv=2&ga_vid=202072502.1686725595&ga_sid=1686725595&ga_hid=1115776777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C44772268%2C44788441%2C44793498&oid=2&pvsid=1244039673231688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MxV666WoUv&p=http%3A//www.logan.com&dtd=334
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 06:53:15 GMT
expires: Wed, 14 Jun 2023 06:53:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1&C=1

43 B
632 B

40ms
25ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNWyXXNy-GBhMmW374TBKljgJOcQs2IzVYfdtX0_mSbgzA_5O-scsCmFZQabQlOqWI7NQhCsW2D8n-guyChnp-s0-lf6XtzlXnIcq8hR0SRcXUc6E3M4kBmpH7fUmq4ZMy07olkEu-_09RN_48dzy9ryIFQwpZw_ypWlbYdedmMMPGk1OQE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 06:53:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 06:53:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1A44
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZIlj22rJqP6DgrMsMEbGuwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1

43 B
632 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNWyXXNy-GBhMmW374TBKljgJOcQs2IzVYfdtX0_mSbgzA_5O-scsCmFZQabQlOqWI7NQhCsW2D8n-guyChnp-s0-lf6XtzlXnIcq8hR0SRcXUc6E3M4kBmpH7fUmq4ZMy07olkEu-_09RN_48dzy9ryIFQwpZw_ypWlbYdedmMMPGk1OQE
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 06:53:15 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEChvWQPpYEmcg89m6gVq5O0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1A44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESECLARwf4xfYZRckUFGqs5kw&google_cver=1

43 B
1 KB

70ms
32ms

Image
image/gif

185.89.210.101
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESECLARwf4xfYZRckUFGqs5kw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMvN-gEQ3_CHsQMY-MKv6QEwAQ&v=APEucNWyXXNy-GBhMmW374TBKljgJOcQs2IzVYfdtX0_mSbgzA_5O-scsCmFZQabQlOqWI7NQhCsW2D8n-guyChnp-s0-lf6XtzlXnIcq8hR0SRcXUc6E3M4kBmpH7fUmq4ZMy07olkEu-_09RN_48dzy9ryIFQwpZw_ypWlbYdedmMMPGk1OQE

Protocol

HTTP/1.1

Server

185.89.210.101 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Jun 2023 06:53:15 GMT
AN-X-Request-Uuid: 96a96206-cba1-4704-818b-451bddc31b53
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESECLARwf4xfYZRckUFGqs5kw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1A44
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NzU4OTQxMDUyNDk4NDI4Mw%3D%3D

170 B
243 B

39ms
36ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NzU4OTQxMDUyNDk4NDI4Mw%3D%3D

Requested by

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 14 Jun 2023 06:53:15 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.133; 217.114.215.133; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5c82805b-5140-4626-92f1-8c0cde9180c6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk1NzU4OTQxMDUyNDk4NDI4Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A13 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5254152424555&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A13 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5254152424555&version=m202301230201&ct=119&x=1&cor=10756723562731178000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7A13 83 KB
35 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcAzRAKedrEXhUBP_Qgq1dCN8kLd1T5KsroBZB_6wqRdZOUYvyVZD8cifIdBrCm97bqQGiUtPWJj2vUMJcbLdLJDOJRMbAWF3lKHkG6cOYy8Jz_ZX4EqhIGHq-pBbXm5WNR2FdlCNi0OozNSMIIXpd38BSSp-VRiY9yntWjFZHhxnGkrs&cry=1&dbm_d=AKAmf-AOduvTkSROeebSfMJcpiGbag8OjGKyDtAR9zsbFXcOUkjT8UQ7Bb9Ro-83fpNEQMWUuBRqMJK-60At8gVcr7IKRnoXP7rRACb_w8xTbzrsnyZXg0kzgUPb__CLDaMLYNMmKz5riG67geF2Xsvh_NezcoZaBe9T_RLwNR48exgIYae4t6T5DteXl-1-VGWOuAPh33fX-Eu4M_-WkQ9RWFWknSEYi2_ndwP8T-AVUjyAICFceFGnHbuBxNiHi8NBJl7fp-CDjiVSFEYGWGd7a0llVskpDyBjp0uD_KfI9kOTmnmQsSLb757Ng-aZ4_De54ROw77JtzwR1JcVdqMAs-e07sdx9ckd6KyTO2sqmQ3GT2IqMuJIVfizpX18K5IGoTdLkK8E8Hptxy4nvRrkjfFSrSDN-2Yffa3diYcRiB-Alas6VQ72grWrmGJX-kGUXC1nlmBLQoR6E3LMrJGxd9PxVs6nn8y_NuBK3yl62oZxtHLCBYaKbnbRF9uuGAB_tDNfVRW-eoriW89sF3N7svt8VNUmP4FBBcDAqhQk1QJCt7GB_CrwYrwZNY3gDpE97-of_Kko2vB0XWrbiEqWIfvHzLYRG9fJOZ_ZFrS8W-z42LnhfvOGyqKvo_uSkVOTOVO7JRtQBUEYDmuHCXcDPFcIKNo_m5Bi1ZjqfrivEHoHA67b2ESCAP-ZO2Ssp_fvvDsHZWzFZpwPBiqOkv0hdUIHBst9b6IjZScc6cnHv-soeaymBbv1uzhQOAiPYEEwib-DkA2pJkYb3TmG-gKpO3SKDvq9At8mO6FceOjNXmUbLzauPY26XwlWMb2QRyf638vPEl2XEGF-gBZk9JPMiJ4fGVSkqR3sQp9HurSCem9eRSN7FsulQd9mVwXINwRHUG65XojpiEollL_exFytqjTwEQrrzUUuLK29s2WAQH8mLvo6VfVI-Jr4XPmpjm-oPMKioWNmhfwvzYKHz_s1hOhd06MHDrJRCD95w3XIReyAjRATPNXXKgTWuhd7ynDY2c56VdvE3yNFo25A3vnmkCdnAzxFvYpczfuzBegDLajYR1RpFk3Fb3mFiQpjns6RJ3diYsAsXQD0L3qs0Qip-jwttdZ0J7aqFAxGA6pXw7GkMeNUAG50meCb32HFvzzMe1X8SrdKlfadohhxgFnS6m4vBxN-gbjLAUKMfAU8xU1xvwlIt07Rh1YSDfeQ-VYuwI5h0oDSSBrGiHTjksAM6YUhk8dUtDuasT-HpZaYrUrbtN1Yhs9w-lvBmfADd7UVX8OtH1odq6yqCWTj3laA2RpVAy65rzLmoQn29TV_czQ6b8zniEMDUVcaRpGfNNT7QXzipc16bIGm4FenmswmBgRwRK83DY7K_YhOQ6qAoc_yfAeMgULaA0_-JShzB4yle-cmV0GskUIPUPxSkpIwRR21YwrJR-skuKNGlDwh1ywi8BpXpUjL0wS_WGF-l6KxD7eCGESsIQ5U6HYfoFmQjoTJbxb-lMUtWAmzMbSJixBARfCVrPHpfji6SZbH3Mr_rwFiP2muByIXNxZeevQofBDei3YY27ze9f1Hb53SnJvDo6XQyIl3U7yw86eeVwW8854afhTwoPsdWwaP_Ou2hmsC9Qa1kTDLxXuuVC6hmULnOgAthqCIX6gcXbxMIEhDPXRfu2mOKuzpxi-x-rFHLS9mBYzHgpktUwIIXdOajYbDrioePZqeKccIEUiKFBKby1Nuyo2ZSwRJIxMl87vZkuP06rb6aQc2ZQeRDXoCVSlKEgaGv5R0tbX4OWDFiet6_hLmfG0Bm9qLojVdG7xYY1VMru5-9j3A9yfPy_6CkwTfjAVefiV9qzP1bxKRQbLfmjE9dfckYb2PZZ8QfGWCmTfRX2Q6Uo39Msp4jLLBbxLzgAJttRghCdb3dQIZrl6Cmab_c8H5xdoucow8Iuj7IYKpnsjO0zFtHoPDSXG9alDFL8yR-qD9NsYM3zMdKAPiB2u0AWUb6kBO34sZ3pVULFL_vh06SHtLHVSC5lLe3lCE4TX_O6nFKvxzAwEq1AlX3jAue6lxHJL3LFi8G99G50XzWL5vvO_F1xRM_9oRQbXebYqv4mRfkIifR-3ZN8gYL2TkwJWSZo0QQ71d90g3Y56BQO4LMUfJcN9_M9dOYaBlll8M9-CXXhYr8FUb4SZGieJgXdX7zN2o9VsZEVEpqwM58AO1ka765ouYAL-Df9G6Ea_P_rf7D_yYoOD7UYacje8F4pE9S_SgVtLubDhtM6u6cNFco7B3O_d4bVgJYYiACMHuPeevv5kNpB399W_3S6q-rqQTo5P5F9QzIkaZPwmgfPHK3y0LugQAecCm3nvNYQz4PKmW_imjU_2KrBbQasH76FM9Wz5qCNOgUzFwk7Iw6YVb9TCDHqCSC9g78PunTmjE4fl5Ywc5kDyrzJScINc0PsguJhQrHMKTDzX28qy9YViazcD55qV-gOqLUh3L_JAe1ZHMMyzlwJJuFSMaj3sjm-x0K-GrzGHzjA8kHSuDUb2p1pkhVqSm4qxCzs6upFhroDnFBawjQovtmYPy9Em9iiDR0TEETvtZP8dUdYoW7JpOgXkX2j3wBiqGNT-ogB3_xarek3KvO8dsaIxuoERAeR4erGG31En00G6oo_yLNTwqy1KfsKHvxFOGz8JBcP3quKoArFTmlMU05lNzUBE7c4Xh3efWMRQVDxUxKYrh00_Exf1795oGDgjiqztsz71LfVG6mfNnEw9c0iScG9Nnl-F-4jh7gY2VMqkAs6obMGXboOqQR56k7cFacsWSzqGMePMD4qkudbncVBUlP0ncq7EUU5zRfpBMrNAUD53zkeBucektlIHVneIh5x9sI27IGCjd7bH9gia82UVAck9e1WV2S4OQoaFKLWJsICSP_Kl_z0If9yOlLpug4vKTKsXiyxHG5uvyfBJ_yANi-mmsjpNsg0jIW1tU6D4T1knAFuC7P2FvVIp8UYM5sCFp02zhAP7ssECBbRxL_WryUiN5djaFj0_Z3YsS4S_1ejzfKvhRPb50rzz21IFy-QWCYucMGGX2IIYPEYwVWApZZ_tA1kCconp1FGoN-cIXzSBtQzAs4nJ_Meep3reVYrfU9uT6xUCHh2DR0eSU7uvqPmCqR0gCbj_k4VKcbXgziDOED5rbB32vAqNPMK8eSXuquNHavmio3GSSNSKpZqQCCOmLVZi-P3uiIu5cQpCKzV38wlz9EuQPHhr9Qi4RzCYxgEqbDr9egadRTkfAa8Vqc7jZGyvzrYySNS3UpDjo2Yl4MMG1kuHR7B0ZMiyMiwxc_1bDIbNxi4r8IvNHcapAGYwGbII5UvEuKLPOc7l2NsnWdlVsXe9u6eqUp-Y3BjeoRgmBVaS0vEkDrlNRETMfU079BveIkyNv_gskujtyX89jQvFnvIZ2R3E6VBWh9koJbgqMMOT7pIze2BJ4ADCLr_jvhikEVLzkpXTLFFu3pS8gGybm8g&cid=CAQSGwBygQiDCPGT_34InrmFyhunNhwF2kR5TDOHZBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.logan.com%2F&ds=l&xdt=1&iif=1&cor=10756723562731178000&adk=3476589348&idt=133&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c41fb8e9d2a219e2d945c5f385479d110f55392ae0828ff8aa2ba3790b72814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&h=600&slotname=9740388826&adk=1223337143&adf=2752454107&pi=t.ma~as.9740388826&w=160&lmt=1682615681&url=http%3A%2F%2Fwww.logan.com%2F&wgl=1&dt=1686725594618&bpp=12&bdt=137&idt=316&shv=r20230612&mjsv=m202306080101&ptt=5&saldr=sa&abxe=1&correlator=5021181545327&frm=20&pv=2&ga_vid=202072502.1686725595&ga_sid=1686725595&ga_hid=1115776777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1427&ady=13&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C44772268%2C44788441%2C44793498&oid=2&pvsid=1244039673231688&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=MxV666WoUv&p=http%3A//www.logan.com&dtd=334
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35439
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7A13 111 KB
39 KB 464ms
22ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 10:17:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74169
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Jun 2023 10:17:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230612/r20110914/elements/html/ Frame 7A13 11 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230612/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcAzRAKedrEXhUBP_Qgq1dCN8kLd1T5KsroBZB_6wqRdZOUYvyVZD8cifIdBrCm97bqQGiUtPWJj2vUMJcbLdLJDOJRMbAWF3lKHkG6cOYy8Jz_ZX4EqhIGHq-pBbXm5WNR2FdlCNi0OozNSMIIXpd38BSSp-VRiY9yntWjFZHhxnGkrs&cry=1&dbm_d=AKAmf-AOduvTkSROeebSfMJcpiGbag8OjGKyDtAR9zsbFXcOUkjT8UQ7Bb9Ro-83fpNEQMWUuBRqMJK-60At8gVcr7IKRnoXP7rRACb_w8xTbzrsnyZXg0kzgUPb__CLDaMLYNMmKz5riG67geF2Xsvh_NezcoZaBe9T_RLwNR48exgIYae4t6T5DteXl-1-VGWOuAPh33fX-Eu4M_-WkQ9RWFWknSEYi2_ndwP8T-AVUjyAICFceFGnHbuBxNiHi8NBJl7fp-CDjiVSFEYGWGd7a0llVskpDyBjp0uD_KfI9kOTmnmQsSLb757Ng-aZ4_De54ROw77JtzwR1JcVdqMAs-e07sdx9ckd6KyTO2sqmQ3GT2IqMuJIVfizpX18K5IGoTdLkK8E8Hptxy4nvRrkjfFSrSDN-2Yffa3diYcRiB-Alas6VQ72grWrmGJX-kGUXC1nlmBLQoR6E3LMrJGxd9PxVs6nn8y_NuBK3yl62oZxtHLCBYaKbnbRF9uuGAB_tDNfVRW-eoriW89sF3N7svt8VNUmP4FBBcDAqhQk1QJCt7GB_CrwYrwZNY3gDpE97-of_Kko2vB0XWrbiEqWIfvHzLYRG9fJOZ_ZFrS8W-z42LnhfvOGyqKvo_uSkVOTOVO7JRtQBUEYDmuHCXcDPFcIKNo_m5Bi1ZjqfrivEHoHA67b2ESCAP-ZO2Ssp_fvvDsHZWzFZpwPBiqOkv0hdUIHBst9b6IjZScc6cnHv-soeaymBbv1uzhQOAiPYEEwib-DkA2pJkYb3TmG-gKpO3SKDvq9At8mO6FceOjNXmUbLzauPY26XwlWMb2QRyf638vPEl2XEGF-gBZk9JPMiJ4fGVSkqR3sQp9HurSCem9eRSN7FsulQd9mVwXINwRHUG65XojpiEollL_exFytqjTwEQrrzUUuLK29s2WAQH8mLvo6VfVI-Jr4XPmpjm-oPMKioWNmhfwvzYKHz_s1hOhd06MHDrJRCD95w3XIReyAjRATPNXXKgTWuhd7ynDY2c56VdvE3yNFo25A3vnmkCdnAzxFvYpczfuzBegDLajYR1RpFk3Fb3mFiQpjns6RJ3diYsAsXQD0L3qs0Qip-jwttdZ0J7aqFAxGA6pXw7GkMeNUAG50meCb32HFvzzMe1X8SrdKlfadohhxgFnS6m4vBxN-gbjLAUKMfAU8xU1xvwlIt07Rh1YSDfeQ-VYuwI5h0oDSSBrGiHTjksAM6YUhk8dUtDuasT-HpZaYrUrbtN1Yhs9w-lvBmfADd7UVX8OtH1odq6yqCWTj3laA2RpVAy65rzLmoQn29TV_czQ6b8zniEMDUVcaRpGfNNT7QXzipc16bIGm4FenmswmBgRwRK83DY7K_YhOQ6qAoc_yfAeMgULaA0_-JShzB4yle-cmV0GskUIPUPxSkpIwRR21YwrJR-skuKNGlDwh1ywi8BpXpUjL0wS_WGF-l6KxD7eCGESsIQ5U6HYfoFmQjoTJbxb-lMUtWAmzMbSJixBARfCVrPHpfji6SZbH3Mr_rwFiP2muByIXNxZeevQofBDei3YY27ze9f1Hb53SnJvDo6XQyIl3U7yw86eeVwW8854afhTwoPsdWwaP_Ou2hmsC9Qa1kTDLxXuuVC6hmULnOgAthqCIX6gcXbxMIEhDPXRfu2mOKuzpxi-x-rFHLS9mBYzHgpktUwIIXdOajYbDrioePZqeKccIEUiKFBKby1Nuyo2ZSwRJIxMl87vZkuP06rb6aQc2ZQeRDXoCVSlKEgaGv5R0tbX4OWDFiet6_hLmfG0Bm9qLojVdG7xYY1VMru5-9j3A9yfPy_6CkwTfjAVefiV9qzP1bxKRQbLfmjE9dfckYb2PZZ8QfGWCmTfRX2Q6Uo39Msp4jLLBbxLzgAJttRghCdb3dQIZrl6Cmab_c8H5xdoucow8Iuj7IYKpnsjO0zFtHoPDSXG9alDFL8yR-qD9NsYM3zMdKAPiB2u0AWUb6kBO34sZ3pVULFL_vh06SHtLHVSC5lLe3lCE4TX_O6nFKvxzAwEq1AlX3jAue6lxHJL3LFi8G99G50XzWL5vvO_F1xRM_9oRQbXebYqv4mRfkIifR-3ZN8gYL2TkwJWSZo0QQ71d90g3Y56BQO4LMUfJcN9_M9dOYaBlll8M9-CXXhYr8FUb4SZGieJgXdX7zN2o9VsZEVEpqwM58AO1ka765ouYAL-Df9G6Ea_P_rf7D_yYoOD7UYacje8F4pE9S_SgVtLubDhtM6u6cNFco7B3O_d4bVgJYYiACMHuPeevv5kNpB399W_3S6q-rqQTo5P5F9QzIkaZPwmgfPHK3y0LugQAecCm3nvNYQz4PKmW_imjU_2KrBbQasH76FM9Wz5qCNOgUzFwk7Iw6YVb9TCDHqCSC9g78PunTmjE4fl5Ywc5kDyrzJScINc0PsguJhQrHMKTDzX28qy9YViazcD55qV-gOqLUh3L_JAe1ZHMMyzlwJJuFSMaj3sjm-x0K-GrzGHzjA8kHSuDUb2p1pkhVqSm4qxCzs6upFhroDnFBawjQovtmYPy9Em9iiDR0TEETvtZP8dUdYoW7JpOgXkX2j3wBiqGNT-ogB3_xarek3KvO8dsaIxuoERAeR4erGG31En00G6oo_yLNTwqy1KfsKHvxFOGz8JBcP3quKoArFTmlMU05lNzUBE7c4Xh3efWMRQVDxUxKYrh00_Exf1795oGDgjiqztsz71LfVG6mfNnEw9c0iScG9Nnl-F-4jh7gY2VMqkAs6obMGXboOqQR56k7cFacsWSzqGMePMD4qkudbncVBUlP0ncq7EUU5zRfpBMrNAUD53zkeBucektlIHVneIh5x9sI27IGCjd7bH9gia82UVAck9e1WV2S4OQoaFKLWJsICSP_Kl_z0If9yOlLpug4vKTKsXiyxHG5uvyfBJ_yANi-mmsjpNsg0jIW1tU6D4T1knAFuC7P2FvVIp8UYM5sCFp02zhAP7ssECBbRxL_WryUiN5djaFj0_Z3YsS4S_1ejzfKvhRPb50rzz21IFy-QWCYucMGGX2IIYPEYwVWApZZ_tA1kCconp1FGoN-cIXzSBtQzAs4nJ_Meep3reVYrfU9uT6xUCHh2DR0eSU7uvqPmCqR0gCbj_k4VKcbXgziDOED5rbB32vAqNPMK8eSXuquNHavmio3GSSNSKpZqQCCOmLVZi-P3uiIu5cQpCKzV38wlz9EuQPHhr9Qi4RzCYxgEqbDr9egadRTkfAa8Vqc7jZGyvzrYySNS3UpDjo2Yl4MMG1kuHR7B0ZMiyMiwxc_1bDIbNxi4r8IvNHcapAGYwGbII5UvEuKLPOc7l2NsnWdlVsXe9u6eqUp-Y3BjeoRgmBVaS0vEkDrlNRETMfU079BveIkyNv_gskujtyX89jQvFnvIZ2R3E6VBWh9koJbgqMMOT7pIze2BJ4ADCLr_jvhikEVLzkpXTLFFu3pS8gGybm8g&cid=CAQSGwBygQiDCPGT_34InrmFyhunNhwF2kR5TDOHZBgB&dv3_ver=m202301230201&rfl=http%3A%2F%2Fwww.logan.com%2F&ds=l&xdt=1&iif=1&cor=10756723562731178000&adk=3476589348&idt=133&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 17:03:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49773
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4172
x-xss-protection: 0
server: cafe
etag: 5499578052516643378
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 17:03:42 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230612/r20110914/ Frame 7A13 28 KB
11 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230612/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe46a63908b2f38a3e6fe196b2be955caabbc630905b0948a4c9c8e97a75c54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 17:09:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11023
x-xss-protection: 0
server: cafe
etag: 2148190616262561532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Jun 2023 17:09:48 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A13 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 495245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jun 2024 13:19:10 GMT

GET
DATA 200
OK truncated
/ Frame 7A13 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52193d9e393c811ccb01136ce33ae3a6ef3d55a1e86d25ef49b36b6c5e39c5f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A212 22 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 495152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 13:20:43 GMT
expires: Fri, 07 Jun 2024 13:20:43 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame A212 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 20:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 20:34:53 GMT

GET
H3 200 Domes-Noruz-160x600-DE.html Show response
s0.2mdn.net/sadbundle/17193030867716495342/ Frame AC09 6 KB
2 KB 65ms
21ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24a910b3b98e869cb192db4bf50c68ebb6ebc850f8cd7c8c1064be104e87818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 150603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2352
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Jun 2023 13:03:13 GMT
expires: Tue, 11 Jun 2024 13:03:13 GMT
last-modified: Tue, 09 May 2023 15:12:48 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A13 0
0 131ms
67ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTwIQFzQeRP4x5gaJvoc4ac5k7PCx0on9v-zil5WXtWHA75P31f7ub8LQKi_-sH5qHGrUoBjkbCj9-knwuNphkI-jDF6HRdeQ5zwhhXwf7TDTC1ccaOwK0rPfmd8k_74zp_x9tlsY2ECTEwipOQYzDYzFqSkuoJXjaXF7EbjSDiBhc6nHrpDKcgUKiVvFapgVAYa2Z3N2PT8WBPmKamPb4bPJzQKTTeJg_NT_Kux5rPW7f42cOb9LRYY8N-6SAkMfkk1SIRC77K4TTN2tRyQ-s4tzCpAHZUhW52m7u0fSCot9S7Xr8fWoYSIbjK12ObSz5x_FPsyg-TcCY7jUZ0eghPCwiyZTPP7TrYlKFGmP1_eV_ORkQpAxZGMAIyYVEIhKDy3cllZ2ZjWqROrksVtgaFwVkSQ9D-PBh-uGFN1i9oR2ump5AIkW9s8MzcO9HqlUqdv3AedFKnPiH9VjY_LFruIL64va0LmPA7XGB--tdQ-x7xZeM2blPJ6FmXuDqHeTo_8XhZ7ONforBREkBI7Ue8uExeKlNuS8DOBZaJsYE5oRsVD-tLzAYYX-fCNMNFs0qlpzs15ymJ--xAWw0q4seGDbNgjqTyJGMvh2dZt8Z1XAEw0Zjw0Bqz8Qxe0_9c1cXQyoZT0WJs2e4UatV5uPu2PMHXRIwGp05_2fo7-D0vi857LVQQAO-31tVu5XCJkO1p_0wrcFsgo_YuBEnhCol779Guokl5dVwPkAfIoj2OG09nADKKDyXpfANEAkvRZSGSusPug_FdMTjeDdRc5keOcrNBwgjBdR8uWl9L0bvdOKSpQcfJ01giFRmHcPjfrJMg4U57zBRKS3D1m5YdbBUFfw4KE9OIv3u4xenii5MSo3FQTiWfGfqFr-CficooKUWd-hkCCkGHTmgPXWF0ArtiZ7SBCcOMFcahdfUKSiZckF06EIu7_HyciqFercHq5hEb5FpRXOAID1hqHQUhOc4GIg4OzwQAy5g7qjfUBag6VwIijTM9hedSNcmKDGfjrae2Z4k35PRKYc5m1-bI2WGyN3R9vL1HL9lsS6L8bdPfYBJqS9XU6RbAg4vgOKElp4P0qt1FHGt6aZpqiAnghyZtpg-BC7WEt9ub9ZxL5OBwZo2ncZIe7Z37CV4DtHrvzyXXd4bYk7RGNn7pzs_1OBJKkuciPWX-InUaFXphECj8Uf9s6hnVwb1Hw&sai=AMfl-YQA3-qKyvxBvGsyol6umD7Io0PkygASeYjxQz5GJwTpcdPsRt_dUsiwXfGCt3YxdyLJVVGhPShnaYtj_hcwJHAYbefPGLo8sh2Ec8CJvpJu2AaPgnTQ6LALS8RHyDu73AqMpNkfp9kjPxW4abHHg2YVoOLldiVEYk99_TFerFShriH_vlo&sig=Cg0ArKJSzAKUo6oeSPetEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=497&cbvp=1&cstd=493&cisv=r20230612.91393&arae=0&ftch=1&adurl=

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 14 Jun 2023 06:53:16 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 14 Jun 2023 06:53:16 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame AC09 236 KB
63 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Jun 2023 06:53:16 GMT

GET
H3 200 Domes-Noruz-160x600-DE.js Show response
s0.2mdn.net/sadbundle/17193030867716495342/ Frame AC09 51 KB
9 KB 21ms
21ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db8e364fb51fad369240565dec4060a6fd4b59ae8b5ff7446feaf000bab9f198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 13:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9223
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:12:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Jun 2024 13:03:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A212 0
20 B 61ms
60ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5ea-22OJZPCtHMLA3gPS14fQCQAAAAA4AeAEAg&bg=!CwilCFzNAAaGYqkwpmI7ADkAdvg8WlIoTdKp4RTXeqwpi6XzhEPn8OxmhXyecKZO7nLXlXCa_-d4-TVro9Mu3z3fgPUc_64ctKcCAAAAX1IAAAACaAEHCgB57AicdizTdlXjpDS3CCcIjdHLqKdOQVhoh82mV0-ffkOmfMAGJiHFmV09jjM1-meQF3vMWsiR2qou0t9v0r8eIjAlSChqxhDqSa_c9l-02V0umK1duGbOYBWSrcN240FkfAc14UEwCiLZoX72mJ40Ceda6jkIh9dHCJkC9ButB9xonem08AcRebLyNz6O8_d27kU-PH53TBcilAMHfo9RV5AtinUF6bAUquKAdUjTqXP8dj3RyFnwCPvoPN-6yHa0FcmqLZM0r6eylGigr0BXzFeZsIAJR7wjp517F2przyC71RGzh2-Ly6DEmPmpPkgbrgoaI6VxetLJWnLxHJbpAvUl7HP2Z6QkDWYXvqm-WDH9MAO6nOyVIRdnb8eI8EFB1ZW4Mw9Dnm4eLJcUirxWS_ObCdxkHAhVj7HGWVNzJWN_udUiVNx5AIL0cIAasTUG8PUtOBwLm3NnNvxkoO6CxcOCy-bpsIxWIav7es_EEKziBRQr6LpUqHv0EuexBo328Q2bdtTgPXskkg4t6kuYfni0Ng0U_w1r0A9HlJ-uEyaXpqmoWckshPURwZVIcGS2FY3PFDTvD1CNNQjH3_Mj8RthgZG8D2hhYnfU_CVpascHERA-S7OHki7mkk0Y_tTjYZdtp1e_NxIx8G_IJx1fuQOrOKfZuRTYMdPqvhRkfdUbfeo_apaxfAm9O1w5hObpqMFOeHJY7YcIiookUI-kVrD04VmVwSM1GiNVUzmGBRmfrJwp0vqk018aV-HlVol73jwz2AWAE0929hZEQAh6KZFUSAgYTmtCpOiBzWw3ybg4yXSSKvrk0kXhl37EHYG3kor_jq_44jLAvLD4PDeOmG7sQomVLTS9lTTIka9fYQ99UFOMFrEDn4TioeJh2paQIJIqV0O46LXlLCvlZy86BZ3a286EejQeKpi5UlmocoH31OTTCV0Sh_F5v0giDdb8-paHvXkZQ9nbdWMyimrcuH34LLWNPxLGgyg6s8HGgHvgBToorgDPEyvXs9xaV654vyUvxhxmRii2qI1HHdMabNBszKzfeSKfe8KGgF6vML1tAi1DRrHxTYE6zAJklfs_UCVoTtsyc7EoayzjqOEVwcUxyJkjeU0jH0rNN5BI4CrwnrbBYPiawF7e01bJv8eQV7F1IeHcseU38uwkTWwg5Q

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Domes_Noruz_160x600_DE_atlas_1.jpg
s0.2mdn.net/sadbundle/17193030867716495342/images/ Frame AC09 2 MB
2 MB 24ms
23ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17193030867716495342/images/Domes_Noruz_160x600_DE_atlas_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88414148b0c9c47c37aee3e2c3b5a22dc37cf2255e064d237bba9fa86782f6a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17193030867716495342/Domes-Noruz-160x600-DE.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 12 Jun 2023 13:03:11 GMT
x-content-type-options: nosniff
age: 150605
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2138057
x-xss-protection: 0
last-modified: Tue, 09 May 2023 15:12:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Jun 2024 13:03:11 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A13 0
0 60ms
59ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTwIQFzQeRP4x5gaJvoc4ac5k7PCx0on9v-zil5WXtWHA75P31f7ub8LQKi_-sH5qHGrUoBjkbCj9-knwuNphkI-jDF6HRdeQ5zwhhXwf7TDTC1ccaOwK0rPfmd8k_74zp_x9tlsY2ECTEwipOQYzDYzFqSkuoJXjaXF7EbjSDiBhc6nHrpDKcgUKiVvFapgVAYa2Z3N2PT8WBPmKamPb4bPJzQKTTeJg_NT_Kux5rPW7f42cOb9LRYY8N-6SAkMfkk1SIRC77K4TTN2tRyQ-s4tzCpAHZUhW52m7u0fSCot9S7Xr8fWoYSIbjK12ObSz5x_FPsyg-TcCY7jUZ0eghPCwiyZTPP7TrYlKFGmP1_eV_ORkQpAxZGMAIyYVEIhKDy3cllZ2ZjWqROrksVtgaFwVkSQ9D-PBh-uGFN1i9oR2ump5AIkW9s8MzcO9HqlUqdv3AedFKnPiH9VjY_LFruIL64va0LmPA7XGB--tdQ-x7xZeM2blPJ6FmXuDqHeTo_8XhZ7ONforBREkBI7Ue8uExeKlNuS8DOBZaJsYE5oRsVD-tLzAYYX-fCNMNFs0qlpzs15ymJ--xAWw0q4seGDbNgjqTyJGMvh2dZt8Z1XAEw0Zjw0Bqz8Qxe0_9c1cXQyoZT0WJs2e4UatV5uPu2PMHXRIwGp05_2fo7-D0vi857LVQQAO-31tVu5XCJkO1p_0wrcFsgo_YuBEnhCol779Guokl5dVwPkAfIoj2OG09nADKKDyXpfANEAkvRZSGSusPug_FdMTjeDdRc5keOcrNBwgjBdR8uWl9L0bvdOKSpQcfJ01giFRmHcPjfrJMg4U57zBRKS3D1m5YdbBUFfw4KE9OIv3u4xenii5MSo3FQTiWfGfqFr-CficooKUWd-hkCCkGHTmgPXWF0ArtiZ7SBCcOMFcahdfUKSiZckF06EIu7_HyciqFercHq5hEb5FpRXOAID1hqHQUhOc4GIg4OzwQAy5g7qjfUBag6VwIijTM9hedSNcmKDGfjrae2Z4k35PRKYc5m1-bI2WGyN3R9vL1HL9lsS6L8bdPfYBJqS9XU6RbAg4vgOKElp4P0qt1FHGt6aZpqiAnghyZtpg-BC7WEt9ub9ZxL5OBwZo2ncZIe7Z37CV4DtHrvzyXXd4bYk7RGNn7pzs_1OBJKkuciPWX-InUaFXphECj8Uf9s6hnVwb1Hw&sai=AMfl-YQA3-qKyvxBvGsyol6umD7Io0PkygASeYjxQz5GJwTpcdPsRt_dUsiwXfGCt3YxdyLJVVGhPShnaYtj_hcwJHAYbefPGLo8sh2Ec8CJvpJu2AaPgnTQ6LALS8RHyDu73AqMpNkfp9kjPxW4abHHg2YVoOLldiVEYk99_TFerFShriH_vlo&sig=Cg0ArKJSzAKUo6oeSPetEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=646&vt=11&dtpt=149&dett=3&cstd=493&cisv=r20230612.91393&arae=0&ftch=1&adurl=

Requested by

Host: www.logan.com
URL: http://www.logan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 14 Jun 2023 06:53:16 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
46 KB 135ms
134ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6bb0bb2c301f92fc2e7af8fbf4cd39ab7f5b0f0ed1b6079e059fbfee6fa5283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47349
x-xss-protection: 0
server: cafe
etag: 12053752963316802693
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 14 Jun 2023 06:53:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 114ms
71ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230612&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ea7fbe1147583fbffbcd821b22dc72a5803aeeee9eb4cee4071b43f92d599db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11129
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 06:53:16 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230612/r20190131/ Frame 4FBF 10 KB
4 KB 22ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230612/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Jun 2023 20:51:39 GMT
etag: 15057649708203361565
expires: Tue, 27 Jun 2023 20:51:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 34ms
33ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.logan.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EDB1 0
16 B 32ms
32ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5359790986991748&output=html&adk=1812271804&adf=3025194257&lmt=1682615681&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fwww.logan.com%2F&ea=0&pra=7&wgl=1&dt=1686725596394&bpp=2&bdt=1913&idt=2&shv=r20230612&mjsv=m202306080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db9fcbeeb54199179-2282ac2aa6b40072%3AT%3D1686725595%3ART%3D1686725595%3AS%3DALNI_MZgc3ir9KxLgYPFLRW8ghggKkTwcg&gpic=UID%3D00000c4ec3079765%3AT%3D1686725595%3ART%3D1686725595%3AS%3DALNI_MY85JB8vcteJcjscISrK4JQ2LvpqA&prev_slotnames=9740388826&nras=1&correlator=5021181545327&frm=20&pv=1&ga_vid=202072502.1686725595&ga_sid=1686725595&ga_hid=1115776777&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31071755%2C44772268%2C44788441%2C44793498&oid=2&psts=ABHeCviH761w79fOnXCqvIxTNa0xeEde64LUVr9KFMiakC9202zUTjK5PxPfwFNDja_B-DoN9CeUkVeIh15IIJD7PB7fPNI&pvsid=1244039673231688&tmod=622245943&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=32

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 06:53:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A63E 13 KB
5 KB 25ms
22ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Jun 2023 16:45:42 GMT
expires: Wed, 12 Jun 2024 16:45:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4511 783 B
1 KB 84ms
31ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1e86a9904f9c28d3bce993ab6aa601ac8302e6ca4e637fc229389b87cf41a6ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SGlNEZRbosrx2II5UgVIrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.logan.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-SGlNEZRbosrx2II5UgVIrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Jun 2023 06:53:16 GMT
expires: Wed, 14 Jun 2023 06:53:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js Show response
pagead2.googlesyndication.com/bg/ Frame A63E 37 KB
14 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_gLG9aN8cjF7vXKbMeOxmtCOjM8PIsJVPzQXNT2dY7E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 13 Jun 2023 20:34:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14773
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Jun 2024 20:34:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4511 0
0 56ms
56ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230612&jk=1244039673231688&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A63E 0
10 B 22ms
22ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dBafEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Wed, 14 Jun 2023 06:53:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A13 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstceUqNPMpXT99qodGZT6qmrzMe8CHieB6BT1FQK43J4q9Z9nrPG_s4V81vleJKLZuGqgBp0RfyVPsmGwHcEgtsMok5AksqqlmEDKuAyfALdsYrNp8Sp2RVrHbDxcDJAUE&sai=AMfl-YS3DyMrMpuN_vx9gs14NLXFyqM6_uBa4FJBtKxvK-GK0ttR7AwLm6ZTvkvgBNU5QpgIyt9syC_fVLsb&sig=Cg0ArKJSzIgHcvdY476YEAE&cid=CAQSGwBygQiDCPGT_34InrmFyhunNhwF2kR5TDOHZBgB&id=lidar2&mcvt=1000&p=0,119,40,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230612&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1223337143&rs=2&la=0&cr=0&vs=4&r=v&rst=1686725594954&rpt=669&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=14

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A13 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5254152424555&version=m202301230201&ct=119&x=1&cor=10756723562731178000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Jun 2023 06:53:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230612&jk=1244039673231688&bg=!dnWldSHNAAaGYqkwpmI7ADkAdvg8WmLiYjWSeeH5KDve8xfjbukslMxRrUKYD0DwypOKw7SKqAGWI41-Neecj8M9W2R_Scgy6UQCAAAAbFIAAAAGaAEHmQLlbqAwLLgzXfMcJTI9gzAJl_Q2iZYmfJeqUFse-9aAvRhjYQISS3MSbYn-BWlLCXM7AxoT-2HSi7SMyZC-O1QEoBdaO428ZbVA4C_TT5HFCZBdnP4vyoxHSAEER4An_RklaqfgpMZlF_nEOR7pE6PM4dFXGKRakNnfsGthqtC5oV1HkxdEfPRdjqISP7kKCcKdQWy3c9_NlUxI2WQDnTgHt9BlCf_pvYyFoL_tIg1pCuoagiRaRnAOT8u0wwVIQIsKrFZGaQT8PGmFG-G47wlZjsa1ND1ljF_8vQAiEgH_9X6OTPyBI4HY_qFgV6cJcSCbHmzQrrS9TGfM7APugWuwW-mKy6FTtXXuZw4eEdpSD_6MKDrQpcsTN40aNCPQw2V33Dh5X-xqjT6a_kTJdbtTrGsLyMVdLxhsVExoUrYFHCjFpp1L0PSyKSvTU3__XTeSq2JCEs5CbdfTkg4r7W-JcrLibPl98B-Sepqt74mzUbM6907sMG9ot5BDAm1Nua6cWCvbgTP0sTuRzBvpoNNUPm9qSXrZZqyeZMHzX3C4ss0L90NYg0ugnjrwA_We3KA7hWywJ5uNI-32rgGyYPbDaGWkZSxU8c8el2aQPPORZryLV1QpSgxvhpmKOc15oUHdKyOJVpg9fFOYfY3Lc9u987_mFwmwznOxt5_shv3FAKTVpDPU2MA05DMSNVnDNpATEqcPs3DZAOv5-vG3pCFLbqmsbXHCRZjhS0YcnJe3KPzlJBriC7JQuaScJvJ7m15eX6eJeN25E0wEmorix5TuGlSX5qtNrSptu5uEztZI6yFi5qZmOK0ruxTKTiZOkiGqQw-uAOfaUeJrLtzd6fPGB12FAq96TzTzoh0s4D70l7gg3RItwLrv_6QlpqTYDLtyz5SxRSa3vRutDSTkXJjJDghTvrReEm4abVLkK0gDNiPBG2Sg63VgJwumCRX8M1fSvB8cazPXiWZOKjxWCpwtsGpW4lA3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.logan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.logan.com/	1970-01-20 21:53:41	Name: __gads Value: ID=b9fcbeeb54199179-2282ac2aa6b40072:T=1686725595:RT=1686725595:S=ALNI_MZgc3ir9KxLgYPFLRW8ghggKkTwcg
.logan.com/	1970-01-20 21:53:41	Name: __gpi Value: UID=00000c4ec3079765:T=1686725595:RT=1686725595:S=ALNI_MY85JB8vcteJcjscISrK4JQ2LvpqA
.doubleclick.net/	1970-01-20 21:53:41	Name: IDE Value: AHWqTUnBaoIWWIGwQmxHTQiu_qcKobkbo90po3uqpKwhOjhN2BUcW4qTA70fzO99
.adnxs.com/	1970-01-20 14:41:41	Name: uuid2 Value: 4957589410524984283
.casalemedia.com/	1970-01-20 14:41:41	Name: CMPS Value: 5209
.casalemedia.com/	1970-01-20 14:41:41	Name: CMPRO Value: 5209
.adnxs.com/	1970-01-20 14:41:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUjx:CYA!@wnfH8K6pQK`!5=E<L5?%M7f#fQXhqS<4.Ja777QRl^m4jIBnBBKZ.bKibpRzqF1`b_^f7$wa
.casalemedia.com/	1970-01-20 21:17:41	Name: CMID Value: ZIlj22rJqP6DgrMsMEbGvAAA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.logan.com
142.250.186.66
172.217.16.130
185.80.39.216
185.89.210.101
207.170.160.160
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2006
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:831::2004
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
1e86a9904f9c28d3bce993ab6aa601ac8302e6ca4e637fc229389b87cf41a6ae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
332d8e2d6964e41c92a430d24b1b469bfdcc30ad072f980b2e7adf241590886a
3971c2cf6dbbf116d5cec2ee8c33d865a731e46bb4fce14caeb4fd686d5ecee3
4b1e1bef92ba957c4648c2118de4eece20ffb8e58eedbb33bce5c2227b46e9ee
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52193d9e393c811ccb01136ce33ae3a6ef3d55a1e86d25ef49b36b6c5e39c5f6
52307ecdac6c520495d76cb72cc8b7ac1108b1323c2c956f8dbd10723bb11215
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5bd36a526ca39df97cdc1b54ffb9ffcedfe638ed6a299c75d529077907413a9a
5ea7fbe1147583fbffbcd821b22dc72a5803aeeee9eb4cee4071b43f92d599db
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6c41fb8e9d2a219e2d945c5f385479d110f55392ae0828ff8aa2ba3790b72814
7ff9993d3bf21821aa4aab3b5958b4d9ba3fd3a3aa92f5830a24d3ee259f4851
88414148b0c9c47c37aee3e2c3b5a22dc37cf2255e064d237bba9fa86782f6a3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
daa263faadced628548c7c2c0537ab7b3c5db63a30736ea98cf5ccecda608bf6
db8e364fb51fad369240565dec4060a6fd4b59ae8b5ff7446feaf000bab9f198
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24a910b3b98e869cb192db4bf50c68ebb6ebc850f8cd7c8c1064be104e87818
f6a668741aaae51af53932f5546ed0ba37f4c96c432e47497fa57a020232e332
f6bb0bb2c301f92fc2e7af8fbf4cd39ab7f5b0f0ed1b6079e059fbfee6fa5283
f8ac73613302cb8e0b57f78e0d4629f7cd87ed44a820e7c32ab4c3dbd6d464f1
fe02c6f5a37c72317bbd729b31e3b19ad08e8ccf0f22c2553f3417353d9d63b1
fe46a63908b2f38a3e6fe196b2be955caabbc630905b0948a4c9c8e97a75c54f

www.logan.com Open in urlscan Pro 207.170.160.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

87 %HTTPS

58 %IPv6

9 Domains

13 Subdomains

13 IPs

3 Countries

2641 kBTransfer

3690 kBSize

8 Cookies

62 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.logan.com Open in urlscan Pro
207.170.160.160 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

87 %
HTTPS

58 %
IPv6

9
Domains

13
Subdomains

13
IPs

3
Countries

2641 kB
Transfer

3690 kB
Size

8
Cookies

47 HTTP transactions
1 data transactions