urlscan.io logo urlscan.io
SecurityTrails logo

ok.city4me.com Open in urlscan Pro
45.80.71.20  Public Scan

Go To Rescan Add Verdict Report
URL: http://ok.city4me.com/
Submission: On January 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 35 HTTP transactions. The main IP is 45.80.71.20, located in St Petersburg, Russian Federation and belongs to BEGET-AS, RU. The main domain is ok.city4me.com.
This is the only time ok.city4me.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    45.80.71.20 (St Petersburg, Russian Federation)

ASN198610 (BEGET-AS, RU)
ok.city4me.com
12    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:7a60:0:103b::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
c.city4me.com
1    89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US)
PTR: c.hit.ua
c.hit.ua
1    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    172.217.16.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net
ad.doubleclick.net
7    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
293 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 199
47 KB
5 city4me.com
ok.city4me.com
c.city4me.com
179 KB
3 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 7553
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 6
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
65 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
19 KB
1 hit.ua
c.hit.ua — Cisco Umbrella Rank: 157458
704 B
35 8
Domain Requested by
12 pagead2.googlesyndication.com ok.city4me.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 ok.city4me.com ok.city4me.com
3 counter.yadro.ru 2 redirects ok.city4me.com
2 ad.doubleclick.net googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 s0.2mdn.net googleads.g.doubleclick.net
1 c.hit.ua ok.city4me.com
1 c.city4me.com ok.city4me.com
35 11

This site contains links to these domains. Also see Links.

Domain
www.odnoklassniki.ru
vk.com
t.me
city4me.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 8 frames:

Primary Page: http://ok.city4me.com/
Frame ID: C99D85BECD25D9101B74D66570C90701
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Frame ID: 9A7F5282E49F59B89774064A63C5E361
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Frame ID: 5AB1072EBB502CC9BF5A1F720C23DA02
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&adk=1812271804&adf=3025194257&lmt=1704647076&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1704647075724&bpp=1&bdt=308&idt=304&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4733295718208&frm=20&pv=1&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=310
Frame ID: 41C086BF3D87389807AF48C3A09613FE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj_9r7cATAB&v=APEucNWBLHHFOxrYRHeWbMb-DDtypwwg5zalMSAyU7sQe_0jK2vG7ews-RdCKSE4Vi90AHxWd3rTIxe5jxf41dXvP5uUY9Z0HQ
Frame ID: 3E94FA9A68BA2B052D3FB9CB93D7C50E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1F2B2E41BFC8E122C654A276B387244B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 74AB0CDD424809DDDCFEE4662119B125
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01607851A830548B621EB1187F73EEBC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Шпион Одноклассники: слежка онлайн за друзьями ОК

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <script[^<>]*>[^]{0,128}?src\s*=\s*['"]//counter\.yadro\.ru/hit(?:;\S+)?\?(?:t\d+\.\d+;)?r

Page Statistics

35
Requests

77 %
HTTPS

58 %
IPv6

8
Domains

11
Subdomains

12
IPs

4
Countries

604 kB
Transfer

1318 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • http://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784 HTTP 302
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784 HTTP 302
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ok.city4me.com/ 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ok.city4me.com/
Protocol
HTTP/1.1
Server
45.80.71.20 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
fd84a587d121394f75f7e239aeeae2991599e0fa1d9736ff09f86063d3a7183c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
5116
Content-Type
text/html; charset=UTF-8
Date
Sun, 07 Jan 2024 17:04:35 GMT
Server
nginx
Vary
Accept-Encoding
vkspy.min.css
ok.city4me.com/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ok.city4me.com/css/vkspy.min.css?150321
Requested by
Host: ok.city4me.com
URL: http://ok.city4me.com/
Protocol
HTTP/1.1
Server
45.80.71.20 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
b2c5fbe01609c619a90405da18b6ac62624142b5953a74a38c8e65ed075705b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:04:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Mar 2022 18:17:38 GMT
Server
nginx
ETag
W/"62210642-1cde"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ok.city4me.com
URL: http://ok.city4me.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8d84d243e975f4d7144fb1a69c6ad707456cd7fe17c6c74cde95bfab161c3c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:04:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
54284
X-XSS-Protection
0
Server
cafe
ETag
4384920796912698542
Vary
Accept-Encoding
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600, stale-while-revalidate=3600
Timing-Allow-Origin
*
Expires
Sun, 07 Jan 2024 17:04:35 GMT
bg.jpg
ok.city4me.com/Images/ 		774 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ok.city4me.com/Images/bg.jpg
Requested by
Host: ok.city4me.com
URL: http://ok.city4me.com/css/vkspy.min.css?150321
Protocol
HTTP/1.1
Server
45.80.71.20 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
9254b6373c3458dbf676016a5515a4b91b41481183d747f5a441749bb6a19e0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/css/vkspy.min.css?150321
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:04:35 GMT
Last-Modified
Thu, 03 Mar 2022 16:46:33 GMT
Server
nginx
ETag
"6220f0e9-306"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
774
Expires
Thu, 31 Dec 2037 23:55:55 GMT
segoe.ttf
ok.city4me.com/css/ 		168 KB
169 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://ok.city4me.com/css/segoe.ttf
Requested by
Host: ok.city4me.com
URL: http://ok.city4me.com/css/vkspy.min.css?150321
Protocol
HTTP/1.1
Server
45.80.71.20 St Petersburg, Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
4061e7eb9833327b08b56aa354455a4f5263e0e2ebd57ea1c9071a96d90fad35

Request headers

Referer
http://ok.city4me.com/css/vkspy.min.css?150321
Origin
http://ok.city4me.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sun, 07 Jan 2024 17:04:35 GMT
Last-Modified
Thu, 03 Mar 2022 16:47:35 GMT
Server
nginx
ETag
"6220f127-2a1a0"
Content-Type
application/octet-stream
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
172448
Expires
Thu, 31 Dec 2037 23:55:55 GMT
/
c.city4me.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://c.city4me.com/?c=9&r=&s=1600*1200&u=http%3A//ok.city4me.com/&rand=0.959050043196986
Requested by
Host: ok.city4me.com
URL: http://ok.city4me.com/
Protocol
HTTP/1.1
Server
2a00:7a60:0:103b::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dd5b7c3c740f58b844fb256aa88a07ea4da120c3a2485b15b2622168b2e1e4a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:04:35 GMT
x-ray
p529:0.010/wn32611:0.010/wa32611:D=6212
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
hit
c.hit.ua/ 		279 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://c.hit.ua/hit?i=41221&g=0&x=4&s=1&c=1&t=-60&w=1600&h=1200&d=24&0.2801297747045368&r=&u=http%3A//ok.city4me.com/
Requested by
Host: ok.city4me.com
URL: http://ok.city4me.com/
Protocol
HTTP/1.1
Server
89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, US),
Reverse DNS
c.hit.ua
Software
nginx/1.17.9 /
Resource Hash
ce233adf12823de2274a119d16b9cd60ca2de9b06fd445e398e1000070b89449

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:04:35 GMT
Server
nginx/1.17.9
Transfer-Encoding
chunked
Content-Type
image/png
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
hit
counter.yadro.ru/
Redirect Chain
  • http://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784
  • https://counter.yadro.ru/hit?t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784
  • https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784
138 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784
Requested by
Host: ok.city4me.com
URL: http://ok.city4me.com/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
a46acf39ab24720d9c1167024b187745f821be642819bb897fd9c792d4b130c0
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:04:35 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
138
Expires
Fri, 06 Jan 2023 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 07 Jan 2024 17:04:35 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t26.1;r;s1600*1200*24;uhttp%3A//ok.city4me.com/;0.8515768536352784
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Fri, 06 Jan 2023 21:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/ 		403 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3746566164632724&plah=ok.city4me.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96726ada8ffcbe165eb418768e5180362e53305d0fb34c80967e7cd2b73b71c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:04:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139437
x-xss-protection
0
server
cafe
etag
9423089469141198378
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 07 Jan 2024 17:04:35 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/ Frame 9A7F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240103/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ok.city4me.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
50339
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 03:05:36 GMT
etag
9219409622527106327
expires
Sun, 21 Jan 2024 03:05:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5AB1 		91 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3746566164632724&plah=ok.city4me.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
034fb3cb626722636625ad8a6277c2fcefcb0c5620295de69ec88ca81df4beaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ok.city4me.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42905
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:04:36 GMT
expires
Sun, 07 Jan 2024 17:04:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 41C0 		0
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&adk=1812271804&adf=3025194257&lmt=1704647076&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&dt=1704647075724&bpp=1&bdt=308&idt=304&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=4733295718208&frm=20&pv=1&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=310
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3746566164632724&plah=ok.city4me.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ok.city4me.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:04:36 GMT
expires
Sun, 07 Jan 2024 17:04:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AB1 		42 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVUZuK0PNc1SVy9SggIm-CRnPFJlCVhAEU1ibfN1eAHBG-uHguJejQpQ7p0BON2_bpbK_9dJk1D6OV0bYgy3NqyCzX4xB1Pt2vI9J4lSZs4_IBZ9M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:04:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3E94 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARj_9r7cATAB&v=APEucNWBLHHFOxrYRHeWbMb-DDtypwwg5zalMSAyU7sQe_0jK2vG7ews-RdCKSE4Vi90AHxWd3rTIxe5jxf41dXvP5uUY9Z0HQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:04:36 GMT
expires
Sun, 07 Jan 2024 17:04:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/ Frame 5AB1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
8500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:42:56 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/ Frame 5AB1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240103/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 00:37:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
59198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 00:37:58 GMT
view
ad.doubleclick.net/pcs/ Frame 5AB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu8m3SVXNeQCoovm2APXZAC4h24Pc9A-wlrgOxq5TK8ClKNprIbIt7XFqEhmROLirh3Rq7AEMBQEsep_SyZkxSiHWEaqB8vG-RBxMVNeyIY_KWlrkrlMZnf22LbbTzQiXOOUG4NHuZbcW6Zm9dNdv_x5dXlgETf9ovEOBLmBTtk_dI1LQ4JKy46X7YAWyI_d88d-rtsBNg1PB0NqPgSnnJndBlxTV4N_g7J5ZHoCipDV4wvpSpNdBGYVR2E0z-u1kqTrNzKg4eDDU0LCrsr36PH4TplNSOLXRV9TPShdcAXJLbn8pcF9CKkay_K9ZDU4AOa4OpZczjMrmuQoiHFHH5QF9k6bYRcJ_KiI7q8MM2NreQHRMgLbwr_REXUoCuk_PN4sXPSZ6utv50AWWF3H-FQ1o122FFK39R2q3mHfw4OoKzLf0LDiS_VAr6MVk0PlzDN_RAE9_OQ0rj4Kf1tmPNb5FEPtPKOClmlxerzhWjypx68Eiayt87sc40txA47N39X5AeXFKxrUz6gDXzxYmbU__NqKxhszSvSG18uGOnLGE6kQs5bKc6IMrw1StDB-O_S_QDI_hwspTbiaoh8n7iKdk-pJCMEhluBKKmqOq2XaSXBo3PDbdP7loxDQCEFeUfITVr3tlLWHSzHW_-ktwAAurVHCh3mO97zLuFolraRFXs6PnMaQdivQLNSJtg_nzo15fd-PPx3FM27wNDB3AVoYQkZG2I7Wdpms2F_hLBFk1w1CL52KhqIlWdWKaDUy5BA6SSemhXdbwjOeZMQM4FeUX5bbEkOVIDhOBBCwf1ej_922C0jkS78EbPAE7-eyIulR6LWsazt1Cu4k3sVlSlfN6gzlB92-L66oHN4kJi2cZnoppOMwlWgPbUBRZXV3dMEw5Q0arrJe13DuDY3g5Sd8lAfue86T2v8vLqbIbdtM19xEv76PuqewdY9gmDUC8ROog4wERDtM55PkUtDPYZjvNmgLYNzdK6LQZxhZldyKTeSoD8Nr4TKpc_7p79PWEBHyw1C0w-uAvcmiUS8iOJ6076-RnmNqBmLK2cjL0FXPe_psJRnOtrxnE-KvH9cSrBIwiHivKgq_LTqN3ldCFSbSq-sfk6VnSQK2vW3-TcDsMB-Ta_G3tKBem5x4Zius6Wm4gUEAdHDXNw6MlmN3zVdW4quIijxwIyRD50i-xsCLhcZO36031KqH32PC1Vmmbv3nJ86JLEBXLV34CmeszO-PYEY3-RcFSskIAtCZWRH3rTKaQ_7rBj23klwlJIAzHdc3Z6k4I8BSinx&sai=AMfl-YT1BbeYRSWah9rTzgjQ78Lmy7TG6yzRfyvT-PcJs36Vcz3eMPlrDQy9gNqfw1x8amBbpKhaeelKhPKcDHrkJGT332lD5xGcAyeGFiiuvdNQw3T-cjUmCpE8pYG9gliWHg0KCmuZm7g4RXv2_DBgbJuKqb5yJy9d337oplQ3GRv8ED58mNIjfcSROhTZDxn16BNx_i7Sgt7zOzuQzldngvouwC_AZezfR5R7pmwcuKodE0Ru3y_UaswLjIPvO8wziUOkZteBJdpo15dvB-vAze8oBX-tHZhJnQqD0jrA_XJOFz_c85DhVj_u9LJFV82GL74YqpElCeiuxzt0cl2LXkPuybVI1-BGG74olrkraXXbXYUaXu8szBdRj6QdGgKoSiJ2cPJ9iWlQgecckZItukW0GzYEB0MF_vzKxsmxYHi7HV4sDWlTxJBi4p6Fhb5bAyPKVLE_y2xq7AzCN1r6YmQLf5SP9Ag-YBqJ9wwGWOcuCiBO1VesmnXQ7YSteJYwR4VaF-kPZm9y&sig=Cg0ArKJSzAB7VEYZFZaJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20240103.98265&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 07 Jan 2024 17:04:36 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sun, 07 Jan 2024 17:04:36 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5AB1 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 13:49:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
443720
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 13:49:16 GMT
18045379082880960195
s0.2mdn.net/simgad/ Frame 5AB1 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/18045379082880960195
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e0ce7a13bc8fe7ae8e5b92998a93fb3e4343783ddc6e95945204c906aa18d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires
Sun, 05 Jan 2025 09:58:57 GMT
date
Sat, 06 Jan 2024 09:58:57 GMT
x-content-type-options
nosniff
age
111939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18418
x-xss-protection
0
last-modified
Sun, 11 Dec 2022 07:06:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 5AB1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:36:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
8871
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:36:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/ Frame 5AB1 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240103/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 14:36:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
8873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8523
x-xss-protection
0
server
cafe
etag
16500369019378894752
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 21 Jan 2024 14:36:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5AB1 		204 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65775
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704286440049996"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 07 Jan 2024 17:04:36 GMT
truncated
/ Frame 5AB1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d08acbc47f916bf2d47691f2ef1fecf5b8168df36741bae57d7d6be901f6fb06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type
image/png
view
ad.doubleclick.net/pcs/ Frame 5AB1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsu8m3SVXNeQCoovm2APXZAC4h24Pc9A-wlrgOxq5TK8ClKNprIbIt7XFqEhmROLirh3Rq7AEMBQEsep_SyZkxSiHWEaqB8vG-RBxMVNeyIY_KWlrkrlMZnf22LbbTzQiXOOUG4NHuZbcW6Zm9dNdv_x5dXlgETf9ovEOBLmBTtk_dI1LQ4JKy46X7YAWyI_d88d-rtsBNg1PB0NqPgSnnJndBlxTV4N_g7J5ZHoCipDV4wvpSpNdBGYVR2E0z-u1kqTrNzKg4eDDU0LCrsr36PH4TplNSOLXRV9TPShdcAXJLbn8pcF9CKkay_K9ZDU4AOa4OpZczjMrmuQoiHFHH5QF9k6bYRcJ_KiI7q8MM2NreQHRMgLbwr_REXUoCuk_PN4sXPSZ6utv50AWWF3H-FQ1o122FFK39R2q3mHfw4OoKzLf0LDiS_VAr6MVk0PlzDN_RAE9_OQ0rj4Kf1tmPNb5FEPtPKOClmlxerzhWjypx68Eiayt87sc40txA47N39X5AeXFKxrUz6gDXzxYmbU__NqKxhszSvSG18uGOnLGE6kQs5bKc6IMrw1StDB-O_S_QDI_hwspTbiaoh8n7iKdk-pJCMEhluBKKmqOq2XaSXBo3PDbdP7loxDQCEFeUfITVr3tlLWHSzHW_-ktwAAurVHCh3mO97zLuFolraRFXs6PnMaQdivQLNSJtg_nzo15fd-PPx3FM27wNDB3AVoYQkZG2I7Wdpms2F_hLBFk1w1CL52KhqIlWdWKaDUy5BA6SSemhXdbwjOeZMQM4FeUX5bbEkOVIDhOBBCwf1ej_922C0jkS78EbPAE7-eyIulR6LWsazt1Cu4k3sVlSlfN6gzlB92-L66oHN4kJi2cZnoppOMwlWgPbUBRZXV3dMEw5Q0arrJe13DuDY3g5Sd8lAfue86T2v8vLqbIbdtM19xEv76PuqewdY9gmDUC8ROog4wERDtM55PkUtDPYZjvNmgLYNzdK6LQZxhZldyKTeSoD8Nr4TKpc_7p79PWEBHyw1C0w-uAvcmiUS8iOJ6076-RnmNqBmLK2cjL0FXPe_psJRnOtrxnE-KvH9cSrBIwiHivKgq_LTqN3ldCFSbSq-sfk6VnSQK2vW3-TcDsMB-Ta_G3tKBem5x4Zius6Wm4gUEAdHDXNw6MlmN3zVdW4quIijxwIyRD50i-xsCLhcZO36031KqH32PC1Vmmbv3nJ86JLEBXLV34CmeszO-PYEY3-RcFSskIAtCZWRH3rTKaQ_7rBj23klwlJIAzHdc3Z6k4I8BSinx&sai=AMfl-YT1BbeYRSWah9rTzgjQ78Lmy7TG6yzRfyvT-PcJs36Vcz3eMPlrDQy9gNqfw1x8amBbpKhaeelKhPKcDHrkJGT332lD5xGcAyeGFiiuvdNQw3T-cjUmCpE8pYG9gliWHg0KCmuZm7g4RXv2_DBgbJuKqb5yJy9d337oplQ3GRv8ED58mNIjfcSROhTZDxn16BNx_i7Sgt7zOzuQzldngvouwC_AZezfR5R7pmwcuKodE0Ru3y_UaswLjIPvO8wziUOkZteBJdpo15dvB-vAze8oBX-tHZhJnQqD0jrA_XJOFz_c85DhVj_u9LJFV82GL74YqpElCeiuxzt0cl2LXkPuybVI1-BGG74olrkraXXbXYUaXu8szBdRj6QdGgKoSiJ2cPJ9iWlQgecckZItukW0GzYEB0MF_vzKxsmxYHi7HV4sDWlTxJBi4p6Fhb5bAyPKVLE_y2xq7AzCN1r6YmQLf5SP9Ag-YBqJ9wwGWOcuCiBO1VesmnXQ7YSteJYwR4VaF-kPZm9y&sig=Cg0ArKJSzAB7VEYZFZaJEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9maXZlcnIuY29t&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=168&vt=11&dtpt=167&dett=2&cstd=0&cisv=r20240103.98265&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3746566164632724&output=html&h=90&slotname=9192009245&adk=792150153&adf=1145582654&pi=t.ma~as.9192009245&w=728&lmt=1704647076&format=728x90&url=http%3A%2F%2Fok.city4me.com%2F&ea=0&wgl=1&dt=1704647075691&bpp=4&bdt=275&idt=319&shv=r20240103&mjsv=m202401020101&ptt=9&saldr=aa&abxe=1&correlator=4733295718208&frm=20&pv=2&ga_vid=792172490.1704647076&ga_sid=1704647076&ga_hid=20299469&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=320&ady=318&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080224%2C95320868%2C21065724&oid=2&pvsid=1222486465810958&tmod=63986003&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:04:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1F2B 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
441837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 02 Jan 2024 14:20:39 GMT
expires
Wed, 01 Jan 2025 14:20:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240103&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3746566164632724&plah=ok.city4me.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3643b167e307807b24de20e6a9f50f99e0477b61fab66e020daf4e05072fe743
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:04:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12353
x-xss-protection
0
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 1F2B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:51:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 16:51:12 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F2B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B70FEpNmaZYeEDeHA7OsP5oaHyA4AAAAAOAHgBAI&bg=!-vml-bbNAAY3kmNgF5I7ADQBe5WfOEGmd197Tna-CKXJfn7c7vYoqXjbKYH2Y4wra1j6UsvRtHu6zSxJXLhybu2AbwWlAgAAAERSAAAAA2gBB5kC2UR2BUhXt1qNapmo5FY2so57RzFB7JZ8138fz2usDnkLT0vYd59DUkSRB6oNcTRi-CT3MZGeyGK3BHDDpY7q_T_GX47Z6-KAMgbVFD23MbVFqAiFkp8DR0kvaN2EphpwDojJFiIfDPckRFk8pcTK5lJ2Xo9U7XCQ9F2C0871GNWKMDcxBXTFmnaLf_E-5IZ5dqBIR_EjKpd6WMYe_5iTE35o5i-NUaSe2hcVsuRQvy_n9hCAQ4RD481Vk0q3aNpchCt3j-smRzKfQPrycZW1gWpiq4x5p5L7CFmyTYhrbNTJEZblBEGX7slFRG3VJMXBY9FNKaefq5ImlYKbvTFhO-O8fuakDJ3wR0xg9AK6Gs2KnqHC4IoJJ8IsXJlQ2v8sH1Rh7DrNhq9kI9UoCGyTi63c699JLguTS4L3XXxk9wYN1oVk45tCWtZkwwpQ3RYrq2YoGEGfCERFW1Ll6CYQtTdMTUaVfZ85U3rv_GsynizvPeeTa0sLZF9V9Lv9leAutxytPs4-32R3ntKPY2YUITur4cefuIUkZ0L8Zk5mZjtH2_dfJ7KC9AszbZxFUBUiMvbnAvd7f1USBIHZj4mTpgtQcd_MhE8osoSZMgJLDws66ng2cYI9_9uAtAJvIJV7w82YnKMq_k1DGJk69O8Dg0nlL04z42tDgQHS1VNg7eoCzzmrUAuus_BQDwDMtlOR84SHq-9k1chEiWn42L_Tf1k9qfElPQjWaQ6abqubxSVWmMweQIXcmsa0sJthDcHnhGs0kXT94VsQ1ot08NxRlrTVX50A-BhwpgOurBNqAesWNB6aiGCeUTdkZFzfyUWJEP-b__nRgwep2z4QOe2_6j0BnwvOvpF8cqMU4C4qdbbPodWYzshgPIvF5bgMOaShuykBYhQ2sC4UIR6QEErJ4D-ZTeR9EThYthf8Ole1FJyZdkszWKeNU9Csp0PtzRb1SBEJafey4I1VdQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:04:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3746566164632724&plah=ok.city4me.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 07 Jan 2024 17:04:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 74AB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ok.city4me.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
9477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 14:26:40 GMT
expires
Mon, 06 Jan 2025 14:26:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0160 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
807951d127db2ca918d19d84d22052fe2cd6b53bf6cee70bd5daf222cd3d5124
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--E7hzcoN2q9TR3Bx9onogQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ok.city4me.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--E7hzcoN2q9TR3Bx9onogQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 07 Jan 2024 17:04:37 GMT
expires
Sun, 07 Jan 2024 17:04:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 74AB 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 16:51:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 06 Jan 2025 16:51:12 GMT
generate_204
tpc.googlesyndication.com/ Frame 74AB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?3bQhhw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sun, 07 Jan 2024 17:04:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 0160 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240103&jk=1222486465810958&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240103&jk=1222486465810958&bg=!enmleTbNAAY3kmNgF5I7ADQBe5WfOLu0y_G0gyzT_HRZ6f3ri8sDbzWLd020hGfZN5faiZ0Sb6sohijKDAU9jDyxo8lZAgAAAE5SAAAABGgBBwoAGjrVshXaegQgY6xfidHWzcIp5N1QqgHrgZ1hmQK4BmXybrsZ8UlhSgVYbfR3bbs_EOUZJwu1uKUnVU7tpeBxyztWE81ymxvHkffyydAkCynKEIlngYlDEKqln8D2IuqTUWdN_p3bwNi3JBFUxfcbrPWmjZZtOuuH9ZHWeq9LpjNdO-VQgt8UV4sf82Ahr6VMc-OMBTLJ1I7cNSCh6I_CxE5bQFf6Nh96WNYktdwy9zj68NndS0EuPjEuL71ZQXAyxJQlPOQhn5LzVbyVhxEEKbEWCf8vKS-pvS9_sRui9GLED8eXvBnHkeFgZVBkAOE3SA4T4USv1jJfdECY5KIuUJdiizg_j-LJSl8-dNer3GRaGVkq0i0MpYFBQt3_GGAyrs-wGf5TcTjoYk6qgJTd-HO6dBUroKiVxFq9Oaz8LuJYVDKqheXUKNRp3AimB9uMpM_FyuAryes2GYgGQz2hnaiSnPqr6c5LuPXN8-RKP7L0ZTywItDgwZBSzvKm_nEtatUsXD3qwyvVUgYg6iksCmGUOoOBZJNMZeHnm6VUBSLMWeBx8ka0aVHQWBcXaEa95kG_C9Fa8tR4fN-oKa_-wbxUVXxIH26Rqk23bPBqQBdPt4-2a2G5NOGWbCD85QpgsZDjl6NPqNjB9ScLKqiE6q10O2cPrzdughiKDt-v-P5y1FgY5E3AZoKhX1WvFNmkRDuVrSbIT64gFGtkZ71hAoeVP9fdPXfyHE3GnZCGEhZK1E8jJk1efcJ3TDmSP-_FMmr1cFu9QlLfuhGBsOpYdWKFnKvxMUr128epdj4M5E0-0wdTj7aYDsEmWR7omegnQaDG9t0_Dytc3Jt7R5T9la4qIY5CrOn-01nieIqykVt61OrA_JhyPCcNTRqvfajOI4GU3SNO3Q8mKYP3v4q6ApzN2Ena_O4qvhtLuuW1PoJL5iAiB2gOXZ4ugLC4ZBo88RkSQR1i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ok.city4me.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5AB1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0j6XD3tsHXN5duron420TseiR4dtvsKwiKagVQBU38rH3KZiETaDZlOPJo9JTzfByPENE2MGNOLXGZ8XTOSia2OBPXhK_VXlXTXuLEX2d7mck_Hw5ukmDhJhHKyroLoqE2658Q71S9_uhbtGQ3oeZHXkX&sai=AMfl-YRrKpMpd8oiYPWOrB-7k5b5hVvzrqTxmov8lWI-kwkPc0nksLJ0sFO4s9CBME91VfjhmFy8A2_MJMtUnhgdJigL9NrL426hn2_jXB7kRXNsagAlDenUWRJOZHfEeo65YubLqQOAAkTbVJOxUZ6nyA&sig=Cg0ArKJSzDKxbByrJVv5EAE&cid=CAQSTwAvHhf_437H0swwgps1RkKor3L8YhGMkHXKMcb54h-XBgkSGTgu3xAw9bcvM1qE0V7dpcuDwZk4f0taP0vd_kLKA8bc_BW5n0WdA3xOGzEYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240103&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=792150153&rs=2&la=0&cr=0&vs=4&r=v&rst=1704647076024&rpt=874&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jan 2024 17:04:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 function| get_out string| accessToken function| hiderow string| g_client string| g_slot number| g_width number| g_height object| adsbygoogle function| sh function| lazy object| Cd string| Cr string| Cp object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
ok.city4me.com/ Name: token
Value: tkn1ctd3EhxOlc5jvPMCANgdlpai04qC29s4cu5uSrPqL5o8wHC2G0BYfh5ZVsWtPsWcg
ok.city4me.com/ Name: b
Value: b
c.city4me.com/ Name: PHPSESSID
Value: j0f9uick3um22vk1rhf4f1knn2
.yadro.ru/ Name: FTID
Value: 1bcjcZ1JHcui1bcjcZ002FOQ
.yadro.ru/ Name: VID
Value: 35Z96J0th-8i1bcjcZ002FPN
.city4me.com/ Name: __gads
Value: ID=c185e57eb193a0c7:T=1704647076:RT=1704647076:S=ALNI_MYU_eMJHQLeEB4zHUIg7XWIsCHLJQ
.city4me.com/ Name: __gpi
Value: UID=00000d3c198f1e52:T=1704647076:RT=1704647076:S=ALNI_Mby6A6nAgj7b6VjaUYmr8N0cHPmJQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnginyrDDF9LQ6oMu9x2ZWon8WeJYx8rL5zCk79hokHc-6L53mDJM5g5-2tjkc

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
c.city4me.com
c.hit.ua
counter.yadro.ru
googleads.g.doubleclick.net
ok.city4me.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
172.217.16.198
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:7a60:0:103b::1
45.80.71.20
88.212.201.204
88.212.202.52
89.184.81.35
034fb3cb626722636625ad8a6277c2fcefcb0c5620295de69ec88ca81df4beaf
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
2f764c969a82705ba7838239087f5ff9b33e978b6bae2657e299b6b14c30ad7f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3643b167e307807b24de20e6a9f50f99e0477b61fab66e020daf4e05072fe743
4061e7eb9833327b08b56aa354455a4f5263e0e2ebd57ea1c9071a96d90fad35
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
807951d127db2ca918d19d84d22052fe2cd6b53bf6cee70bd5daf222cd3d5124
8941597d26275d5e8775ac804bffb1d86f749d0cfe471777800a4543e4b65603
9254b6373c3458dbf676016a5515a4b91b41481183d747f5a441749bb6a19e0b
96726ada8ffcbe165eb418768e5180362e53305d0fb34c80967e7cd2b73b71c5
9e0ce7a13bc8fe7ae8e5b92998a93fb3e4343783ddc6e95945204c906aa18d27
a46acf39ab24720d9c1167024b187745f821be642819bb897fd9c792d4b130c0
b2c5fbe01609c619a90405da18b6ac62624142b5953a74a38c8e65ed075705b4
b8d84d243e975f4d7144fb1a69c6ad707456cd7fe17c6c74cde95bfab161c3c1
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
ce233adf12823de2274a119d16b9cd60ca2de9b06fd445e398e1000070b89449
d08acbc47f916bf2d47691f2ef1fecf5b8168df36741bae57d7d6be901f6fb06
dd5b7c3c740f58b844fb256aa88a07ea4da120c3a2485b15b2622168b2e1e4a2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd84a587d121394f75f7e239aeeae2991599e0fa1d9736ff09f86063d3a7183c