partclone.org Open in urlscan Pro
69.163.180.58 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://partclone.org/
Effective URL:
https://partclone.org/
Submission: On October 20 via api (October 20th 2023, 2:28:54 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 11 domains to perform 86 HTTP transactions. The main IP is 69.163.180.58, located in Brea, United States and belongs to DREAMHOST-AS, US. The main domain is partclone.org.
TLS certificate: Issued by R3 on October 18th 2023. Valid for: 3 months.

This is the only time partclone.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	69.163.180.58 69.163.180.58	26347 (DREAMHOST-AS) (DREAMHOST-AS)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:10:... 2606:4700:10::6816:3fdb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:256f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 8	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
3 13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
86	17

4 69.163.180.58 (Brea, United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-grog.pdx1-shared-a1-04.dreamhost.com

partclone.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:3fdb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.clustrmaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clustrmaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:256f (United States)

ASN13335 (CLOUDFLARENET, US)

sflogo.sourceforge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	561 KB
13	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	179 KB
11	google.com 2 redirects cse.google.com — Cisco Umbrella Rank: 3340 www.google.com — Cisco Umbrella Rank: 2 clients1.google.com — Cisco Umbrella Rank: 474	174 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	95 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	606 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	236 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	4 KB
4	partclone.org 1 redirects partclone.org	23 KB
2	clustrmaps.com 1 redirects www.clustrmaps.com — Cisco Umbrella Rank: 466564 clustrmaps.com — Cisco Umbrella Rank: 72229	18 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	7 KB
1	sourceforge.net sflogo.sourceforge.net — Cisco Umbrella Rank: 556371	1 KB
86	11

	Domain	Requested by
24	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	pagead2.googlesyndication.com	partclone.org pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
8	www.google.com	2 redirects cse.google.com www.google.com partclone.org tpc.googlesyndication.com
6	www.googleadservices.com	partclone.org
5	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	partclone.org	1 redirects partclone.org
2	fonts.gstatic.com	fonts.googleapis.com
2	cse.google.com	partclone.org www.google.com
2	cdnjs.cloudflare.com	partclone.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	clients1.google.com	partclone.org
1	sflogo.sourceforge.net	partclone.org
1	clustrmaps.com	partclone.org
1	www.clustrmaps.com	1 redirects
86	17

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
en.wikipedia.org
www.clustrmaps.com
drbl.org
clonezilla.org
tuxboot.org
drbl-winroll.org
tux2live.org
cloudboot.org
sourceforge.net

Subject Issuer	Validity	Valid
partclone.org R3	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sourceforge.net Cloudflare Inc ECC CA-3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://partclone.org/
Frame ID: 1485AD1DD559EDD09E6267EDCAE4305D
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 828B1CA1F12E2E4B1A9F3C30C071AF94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&adk=1812271804&adf=3025194257&lmt=1697804928&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpartclone.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127884&bpp=4&bdt=197&idt=257&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3285374660127&frm=20&pv=2&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275
Frame ID: 367590C58002588B8903C8A74A3268AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=600&slotname=4907929316&adk=2753577935&adf=3655334244&pi=t.ma~as.4907929316&w=160&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127797&bpp=92&bdt=109&idt=369&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=7&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jJRg46g7o1&p=https%3A//partclone.org&dtd=373
Frame ID: 06ED48BE1DCA642D6878A321A40AD7AC
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=600&slotname=3362518801&adk=584815194&adf=3250391820&pi=t.ma~as.3362518801&w=300&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127801&bpp=88&bdt=114&idt=372&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qaYow3pwwX&p=https%3A//partclone.org&dtd=374
Frame ID: 0D055F55C6D8A370FA56C43663C74661
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=90&slotname=6579915600&adk=1525535536&adf=887624740&pi=t.ma~as.6579915600&w=970&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127804&bpp=85&bdt=117&idt=373&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316%2C3362518801&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=388&ady=806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=nVZZaH0kNM&p=https%3A//partclone.org&dtd=376
Frame ID: DDD18FC19D8977A5B29979421153A0A2
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js
Frame ID: 6703127E20BB54BF591EEC92BF01DF76
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1A29DF104ECDA1ACC3A43BCC4F7C281F
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 52360522787B9151B5C1DD78021CF562
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js
Frame ID: A01AAFAFFB7D8BEADE4A0BA45DB24B40
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 84ACC134CD1B8ADFEDA420EB1C5D0038
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js
Frame ID: 2BAE8371E65E267D2F1419ACC8C5A056
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D3E1106FB683D217B250BB70CF479680
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js
Frame ID: FDA00CD859055B6F5CCD8C547AF5493D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EFE6EEDF487A9D97596EF1CF4447DAAD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E86B06D786A186ED1C1B11F6005CCC0E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Partclone - Aboutsuchen

Page URL History Show full URLs

http://partclone.org/ HTTP 301
https://partclone.org/ Page URL

Detected technologies

ClustrMaps Widget (Maps) Expand

Overall confidence: 100%
Detected patterns

clustrmaps\.com

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

86
Requests

94 %
HTTPS

88 %
IPv6

11
Domains

17
Subdomains

17
IPs

2
Countries

1298 kB
Transfer

3403 kB
Size

6
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: http://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Disk_imaging
Title: Imaging

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Disk_cloning
Title: Cloning

Search URL Search Domain Scan URL

URL: https://www.clustrmaps.com/map/partclone.org

Search URL Search Domain Scan URL

URL: http://drbl.org/
Title: Diskless Remote Boot in Linux (a.k.a DRBL)

Search URL Search Domain Scan URL

URL: http://clonezilla.org/
Title: Clonezilla

Search URL Search Domain Scan URL

URL: http://tuxboot.org/
Title: Tuxboot

Search URL Search Domain Scan URL

URL: http://drbl-winroll.org/
Title: DRBL-winroll

Search URL Search Domain Scan URL

URL: http://tux2live.org/
Title: Tux2live

Search URL Search Domain Scan URL

URL: http://cloudboot.org/
Title: Cloudboot

Search URL Search Domain Scan URL

URL: https://sourceforge.net/projects/partclone

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://partclone.org/ HTTP 301
https://partclone.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.clustrmaps.com/map_v2.png?u=CCBf&d=d7RI8KigHTNb6J_CXHwe0lxSw7aqAKlvOl40rOHadEs HTTP 301
https://clustrmaps.com/map_v2.png?u=CCBf&d=d7RI8KigHTNb6J_CXHwe0lxSw7aqAKlvOl40rOHadEs

Request Chain 31

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY64757QEQ_g4Y_g4yCFVnelAQir3D HTTP 301
https://tpc.googlesyndication.com/simgad/1772839622880022021

Request Chain 34

https://googleads.g.doubleclick.net/pagead/adview?ai=C4n0doI4yZfO0DLLtxgONxZSABfSF0NZz5rHIpMMQ2tkeEAEgzYyvBWCVgoCAsAegAZHrqNgDyAEJqQLms6xSnbyxPqgDAcgDywSqBNUBT9BPHyPsyrCT92tHvszlCrCNj_Be6Z5v229itvnsS7-AFNoWWNjguadzXWXw8Rn_x35JoGsaAPZN9xdsMku4B4QRiotBTJ5gZ7b0URt15NOs22QfQvTTMlENAoo0RaIvX7IADuAqrtR18JsPOy7OMLd7zSR9F_TIJpIW8Mejv0qQ03GIxfyni16EkV-WV5VgfxhxAlUUgSL2wp7SbvnfsycOlJJZhFmQWkMqjN3Cr4CCDe9W6G_OVXkuzhV5QHtfySCAVFPZ58jUbh8Shq7wKe-rzIrcwASBt8LYnwSIBZHxrYdGkgUECAQYAZIFBAgFGASgBi6AB5CYxoABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEI-1DtIIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCUZodHRwczovL3d3dy5jb25kb3IuY29tL2RlL2ZsdWVnZS90cmluaWRhZC10b2JhZ28vdG9iYWdvLz9nY2xzcmM9YXcuZHMmgAoByAsB2BMMiBQH0BUBgBcBshccChoIABIUcHViLTk1MDc3MTA2MTMzNTY0ODEYAA&sigh=dnuxzdG74YE&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNtrtYwl8HSew4VhZtdFDAuqFfCt6tMXQaKrKIkd7p9Wp_f_ofryKk1V_NFuH6mTQVuaJPmFUZVDLziCXKjgTazH-TE9SPLBgB&template_id=494&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216831597693699178492%22,%22debug_reporting%22:true,%22destination%22:%22https://condor.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990524817%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218231426546714448961%22}&andc=true

Request Chain 62

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://googleads.g.doubleclick.net/pagead/adview?ai=CEX22oI4yZdOADaK41fAPraGJsAvRtJTfcbe6y8nnD8CNtwEQASDNjK8FYJWCgICwB6ABnu-C_wPIAQGpAuazrFKdvLE-qAMByAPLBKoExgFP0K4H6if6mH00X6VcTs57C6lNLKGAe6MSZqs1g06fnv1ypTtQHN45B92EfzHbyphV7t6PvQTvD2LtphsAGp5ZgGw5tHJq1snF4bGI78UgtmRklqQ122L0RxjyAn0hV9RRZsJe-rZogtZgIT4h8WifeSGu4Eh74AsCB25UJAfF-FKXKO8Ji2PgN3f54n89N58-JgB_2Vd_YJpKA1K2YrbaywWfgTHZMciEhxrF7jeexLQOdtWK3iuDwvyT40TuT8vvWHBkBDHABOiziJz_A4gFiLjSsUCSBQQIBBgBkgUECAUYBIAHypB9qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQoP8x0ggWCIDhgHAQARgfMgLrAjoCgEBIvf3BOpoJHWh0dHBzOi8vc2hvcC5oYXVmZS5kZS9zdGV1ZXJugAoByAsB2BMOiBQP0BUBmBYBgBcBshccChoIABIUcHViLTk1MDc3MTA2MTMzNTY0ODEYAA&sigh=iPVsr38CGxg&uach_m=[UACH]&ase=2&nis=4&cid=CAQSSwDICaaNjD9wq2ZjjZZ-IDVFNdtxCrSE3o_1kpZyEneIGOLLLDRG326xlANhXczUtb4ye80OgeRblEu3j34CHBT2VJn8jFDK2XgKSxgB&template_id=5020&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213746795110214046081%22,%22debug_reporting%22:true,%22destination%22:%22https://haufe.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071691678%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222637499087624625937%22}&andc=true

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 78

https://googleads.g.doubleclick.net/pagead/adview?ai=CN_TxoI4yZbP_DLOo1fAPkJWq0AWloM3Uc6H87puAEobviZWPDhABIM2MrwVglYKAgLAHoAH75N-YA8gBAqkC5rOsUp28sT6oAwHIA8kEqgTHAU_QjVz583DXNsv813y83zt4KJUB5wqyZnpzQYojCjlUhjlnyonHWx43QCQtontzexewqlWCQ4zP47xKavo3zWit6Ryxso-w6OCKDRiJLp9uaZboT08VOh-FS4-mmbrbZ5au9LGqQOLx9BK3INTNZf9LH_EdGvBe9kj3Lhr_WuY5UCtlghtdeOyrfK9m1-h3L4lEPZ9JHI-i_KF34TuV0qumIslGv78epMS8uRG8T3H0AbGIgwQN4_Ix_z0Xnzmjk3vjdJVSea_ABK_awqerBIgF9ojrr0uSBQQIBBgBkgUECAUYBKAGAoAH7ZqgZ6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEN7hL9IIFgiA4YBwEAEYHzIC6wI6AoBASL39wTqaCe4BaHR0cHM6Ly93d3cuZW5wYWwuZGUvYXJ0aWtlbDIvbWVoci1hbHMtZGFzLXNvbGx0ZW4tc29sYXJhbmxhZ2VuLWluLTIwMjMtbmljaHQta29zdGVuP3V0bV9zb3VyY2U9R29vZ2xlJTIwRGlzcGxheSZ1dG1fY2FtcGFpZ249MjAyMzI5Nzk1NzQmdXRtX3Rlcm09MTQ5MDY0NTU5OTE5JnV0bV9jb250ZW50PTY3Njk5NTc4ODYwMyZ1dG1fcGxhY2VtZW50PXBhcnRjbG9uZS5vcmcmdXRtX2RldmljZT1jJmRldmljZW1vZGVsPYAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi05NTA3NzEwNjEzMzU2NDgxGAA&sigh=_BdMB2k2TrY&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNtZnDzi6wcqqbHwcGFenKOKj7MyZ1eTctHpYDrT6klklPoMochHm4FHuwGzUHMjJoPEW4c2waaUxpaIRWb9lOA1d81LUVLQwYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229605135865141600657%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222592518864689782673%22}&andc=true

86 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
partclone.org/
Redirect Chain

http://partclone.org/
https://partclone.org/

9 KB
3 KB

491ms
174ms

Document
text/html

69.163.180.58
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://partclone.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.163.180.58 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-grog.pdx1-shared-a1-04.dreamhost.com
Software: Apache /
Resource Hash: 3dff7d321ee2d2e90e4cbd7b21f41d1e8d3e808ded95b27056c86b03e7172bdf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=600
content-encoding: gzip
content-length: 3369
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 14:28:47 GMT
expires: Fri, 20 Oct 2023 14:38:47 GMT
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 20 Oct 2023 14:28:46 GMT
Keep-Alive: timeout=5, max=100
Location: https://partclone.org/
Server: Apache

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 163ms
112ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

681ccacfa243772e6b3179d813ae074150839ce30a89ccf12a10d9774d5f8df5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51385
x-xss-protection: 0
server: cafe
etag: 18410879858821471741
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:47 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
2 KB 37ms
17ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7421977
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Thu, 22 Jun 2023 10:57:54 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942932-3b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05js%2B306fStUJgvH1HnHIdjqFJu9IDyqby9WxYhz%2BJGMatDmoSPlCiauzAuQQ3yMufLTRcIW7ZZNfoP4zEPyBRk1KJ9nIr%2F9Drjbl%2BCRczE2thzHg9aNZxJKWgaAAjd%2B52z8B5h3G72%2ByHTTI%2Fz3ZJez"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8191f3063dc4915e-FRA
expires: Wed, 09 Oct 2024 14:28:47 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 38ms
18ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 919737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=auNc6q1SkCrug7sGvAlTgMuWJ8kvUc81Fulr2cgn6vjbamXxJaNOEZtzSdB4vFBcwNHdVSdwl8QY9zZABPRANWjfHZKj4tYZHIpWouj%2FjPFXhgA3il4HjUYi5wYESlnQ7Xa2x%2FYjlAHX%2BAfY08AMzWYB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8191f3063dc6915e-FRA
expires: Wed, 09 Oct 2024 14:28:47 GMT

GET
H2 200 partclone-easy-logo.png
partclone.org/images/ 17 KB
17 KB 160ms
159ms Image
image/png 69.163.180.58
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partclone.org/images/partclone-easy-logo.png
Requested by: Host: partclone.org
URL: https://partclone.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.163.180.58 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-grog.pdx1-shared-a1-04.dreamhost.com
Software: Apache /
Resource Hash: 3ccb807aaddf1192c1de0b2f05ac687d4f0180c9c601aa4986ff9b77dd77f4b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
last-modified: Wed, 06 Apr 2016 06:37:28 GMT
server: Apache
etag: "42d9-52fcb3211ef5b"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17113
expires: Sun, 19 Nov 2023 14:28:47 GMT

GET
H2 200 cse.js Show response
cse.google.com/ 6 KB
4 KB 117ms
45ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse.js?cx=ac675db41a7f09a5b

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

597d9c40aa37d9119adb9925c6f679561cc5731807f826a96e4ba689051fae1c

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-G48EAnKqcmdwXadKuc--ug' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-G48EAnKqcmdwXadKuc--ug' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Fri, 20 Oct 2023 14:28:47 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2414
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Fri, 20 Oct 2023 14:28:47 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 23 KB
10 KB 103ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c49db62a1c7685552f28189c0b1a6e42d9cdccc0258fe1c5adb6495a1829f6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9636
x-xss-protection: 0
server: cafe
etag: 6754412417784599761
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:47 GMT

GET
H2

200

map_v2.png
clustrmaps.com/
Redirect Chain

https://www.clustrmaps.com/map_v2.png?u=CCBf&d=d7RI8KigHTNb6J_CXHwe0lxSw7aqAKlvOl40rOHadEs
https://clustrmaps.com/map_v2.png?u=CCBf&d=d7RI8KigHTNb6J_CXHwe0lxSw7aqAKlvOl40rOHadEs

18 KB
18 KB

468ms
449ms

Image
image/png

2606:4700:10::6816:3fdb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clustrmaps.com/map_v2.png?u=CCBf&d=d7RI8KigHTNb6J_CXHwe0lxSw7aqAKlvOl40rOHadEs

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Server

2606:4700:10::6816:3fdb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.9

Resource Hash

24b09f32579c1a750881c826ebd056dc252fe6ae0d8a03f707dfc88a61060d7e

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 14:28:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.9
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/png
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8191f3092c515c6e-FRA
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

date: Fri, 20 Oct 2023 14:28:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: text/html
location: https://clustrmaps.com/map_v2.png?u=CCBf&d=d7RI8KigHTNb6J_CXHwe0lxSw7aqAKlvOl40rOHadEs
cf-ray: 8191f306992b5c6e-FRA
content-length: 185

GET
H2 200 sflogo.php
sflogo.sourceforge.net/ 1 KB
1 KB 395ms
344ms Image
image/png 2606:4700:4400::6812:256f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sflogo.sourceforge.net/sflogo.php?group_id=364763&type=16

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:256f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94f92bec2e9838967359dfacd950a04c43b074bdd85748794f898b25c9440ec7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 14:28:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: DYNAMIC
last-modified: Wed, 21 Jul 2021 18:54:25 GMT
server: cloudflare
etag: "60f86d61-4dc"
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cf-ray: 8191f306ac7d5d60-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1244

GET
H2 200 pp.png
partclone.org/images/ 2 KB
2 KB 275ms
274ms Image
image/png 69.163.180.58
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partclone.org/images/pp.png
Requested by: Host: partclone.org
URL: https://partclone.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.163.180.58 Brea, United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: apache2-grog.pdx1-shared-a1-04.dreamhost.com
Software: Apache /
Resource Hash: 764b2d0712418f3eab2213e23571bc243683e14e702baca9c4a64f2c795d4a8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
last-modified: Wed, 06 Apr 2016 06:37:28 GMT
server: Apache
etag: "7d9-52fcb3211ef5b"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2009
expires: Sun, 19 Nov 2023 14:28:47 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/e992cd4de3c7044f/ 310 KB
103 KB 64ms
28ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__de.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac675db41a7f09a5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105519
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 20 Oct 2023 14:28:47 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/e992cd4de3c7044f/ 41 KB
9 KB 61ms
25ms Stylesheet
text/css 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac675db41a7f09a5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9102
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 17:25:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 20 Oct 2023 14:28:47 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 54ms
18ms Stylesheet
text/css 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=ac675db41a7f09a5b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:26:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 20 Oct 2023 15:16:13 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 394 KB
134 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9507710613356481&plah=partclone.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

27f7baf8979a76d38ead6dbdcbd9cb5611eb28e469c6df19ad1c2fc47dd35f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137107
x-xss-protection: 0
server: cafe
etag: 7852942085751791540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 828B 10 KB
5 KB 53ms
13ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5552
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 12:56:15 GMT
etag: 2603938475786422795
expires: Fri, 03 Nov 2023 12:56:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 144 KB
53 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/cse_element__de.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

830179b0aa3829a00191b4580a21eac232a09e77d715c919ea7ca0ce0031fc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "14775677045273887321"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Fri, 20 Oct 2023 14:28:47 GMT

GET
H2 200 clear.png
www.google.com/cse/static/css/v2/ 1018 B
1 KB 15ms
15ms Image
image/png 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/css/v2/clear.png

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/cse/static/element/e992cd4de3c7044f/default+de.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 12:04:55 GMT
x-content-type-options: nosniff
age: 8632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1018
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Sat, 19 Oct 2024 12:04:55 GMT

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/de/ 1 KB
2 KB 18ms
18ms Image
image/png 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/de/branding.png

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 19:31:02 GMT
x-content-type-options: nosniff
age: 68265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1512
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Fri, 18 Oct 2024 19:31:02 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
117 B 103ms
24ms Image
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: partclone.org
URL: https://partclone.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
606 B 82ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=partclone.org&callback=_gfp_s_&client=ca-pub-9507710613356481

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9507710613356481&plah=partclone.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bbb277600331b9d22a841b5ae444cbe85ebc247270c4f7e06266559873321ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3675 197 KB
52 KB 1104ms
1104ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&adk=1812271804&adf=3025194257&lmt=1697804928&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fpartclone.org%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127884&bpp=4&bdt=197&idt=257&shv=r20231011&mjsv=m202310160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3285374660127&frm=20&pv=2&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=275

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0cb6aab4775552265b22ea0ede4b1c09fbc9e5b9ffe0f894063ed3aadacf09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 53497
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:49 GMT
expires: Fri, 20 Oct 2023 14:28:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 06ED 130 KB
40 KB 673ms
672ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=600&slotname=4907929316&adk=2753577935&adf=3655334244&pi=t.ma~as.4907929316&w=160&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127797&bpp=92&bdt=109&idt=369&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=7&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jJRg46g7o1&p=https%3A//partclone.org&dtd=373

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

045a79796a957e36d2bad67dd0fbf4703156a6accf57956bdcc4e4e26166d5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40584
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:48 GMT
expires: Fri, 20 Oct 2023 14:28:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D05 119 KB
39 KB 1462ms
1462ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=600&slotname=3362518801&adk=584815194&adf=3250391820&pi=t.ma~as.3362518801&w=300&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127801&bpp=88&bdt=114&idt=372&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qaYow3pwwX&p=https%3A//partclone.org&dtd=374

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d982b7b01a7f7adc59f91910bf48d95f53f85a38e8a1d024f550805e7d8b9f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40043
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:49 GMT
expires: Fri, 20 Oct 2023 14:28:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DDD1 100 KB
37 KB 1883ms
1883ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=90&slotname=6579915600&adk=1525535536&adf=887624740&pi=t.ma~as.6579915600&w=970&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127804&bpp=85&bdt=117&idt=373&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316%2C3362518801&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=388&ady=806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=nVZZaH0kNM&p=https%3A//partclone.org&dtd=376

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

461b36faf1839c7c6e7792bd930238305b27efd84301c2df124780dbdc0fad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38066
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:50 GMT
expires: Fri, 20 Oct 2023 14:28:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 06ED 4 KB
1 KB 59ms
23ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=600&slotname=4907929316&adk=2753577935&adf=3655334244&pi=t.ma~as.4907929316&w=160&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127797&bpp=92&bdt=109&idt=369&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=7&ady=280&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jJRg46g7o1&p=https%3A//partclone.org&dtd=373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 14:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 13:08:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 14:28:48 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 06ED 2 KB
879 B 53ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 06ED 23 KB
9 KB 52ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 06ED 3 KB
1 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 11:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 11:21:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 06ED 20 KB
9 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51974
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 06ED 187 KB
59 KB 68ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:48 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 06ED 35 KB
15 KB 52ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
DATA 200
OK truncated
/ Frame 06ED 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

1772839622880022021
tpc.googlesyndication.com/simgad/ Frame 06ED
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODY64757QEQ_g4Y_g4yCFVnelAQir3D
https://tpc.googlesyndication.com/simgad/1772839622880022021

63 KB
63 KB

15ms
14ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1772839622880022021

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e90b2b87607fd178648468c5425c0d6fc14f93e5602e1ffb9c7296dc536b1cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 23:18:35 GMT
x-content-type-options: nosniff
age: 227413
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64430
x-xss-protection: 0
last-modified: Wed, 24 Aug 2022 06:37:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 23:18:35 GMT

Redirect headers

date: Thu, 19 Oct 2023 22:11:24 GMT
x-content-type-options: nosniff
server: cafe
age: 58644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/1772839622880022021
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 18 Nov 2023 22:11:24 GMT

GET
DATA 200
OK truncated
/ Frame 06ED 203 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5aa44b830f9aadda6ac4921cca10a14dde45f9aa086a8b1a32e0c9f4c1bbc14

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 06ED 16 KB
16 KB 48ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 17:26:14 GMT
x-content-type-options: nosniff
age: 248555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 17:26:14 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 06ED
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4n0doI4yZfO0DLLtxgONxZSABfSF0NZz5rHIpMMQ2tkeEAEgzYyvBWCVgoCAsAegAZHrqNgDyAEJqQLms6xSnbyxPqgDAcgDywSqBNUBT9BPHyPsyrCT92tHvszlCrCNj_Be6Z5v229itvn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216831597693699178492%22,%22debug_reporting%22:true,%22destination%22:%22https://condor.com%22,%22event_report_window%22:%2...

0
0

114ms
61ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216831597693699178492%22,%22debug_reporting%22:true,%22destination%22:%22https://condor.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22990524817%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218231426546714448961%22}&andc=true

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16831597693699178492","debug_reporting":true,"destination":"https://condor.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990524817"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"18231426546714448961"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Oct 2023 14:28:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 14:28:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16831597693699178492","debug_reporting":true,"destination":"https://condor.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["990524817"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"18231426546714448961"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6703 38 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8d8bd945c049adf380b60cb569218a4be82ace7cd57c0a52ab2f70f891c089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14651
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:27 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 103ms
59ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 14:28:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/ 158 KB
54 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310160101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2692224db3626a9c0fc2e7443372dd1ce8357a7a57e119d23e15a1689ea7eee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55131
x-xss-protection: 0
server: cafe
etag: 7228332050091216145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:49 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 1A29 10 KB
4 KB 15ms
14ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 10:26:49 GMT
etag: 2603938475786422795
expires: Fri, 03 Nov 2023 10:26:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1A29 4 KB
767 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 13:21:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 14:28:49 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A29 205 B
519 B 15ms
13ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:48:51 GMT
x-content-type-options: nosniff
age: 20398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 19 Oct 2024 08:48:51 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1A29 604 B
695 B 15ms
14ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:46:37 GMT
x-content-type-options: nosniff
age: 20532
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 19 Oct 2024 08:46:37 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 1A29 15 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 23:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6582
x-xss-protection: 0
server: cafe
etag: 15902073051392820161
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 23:10:47 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/ Frame 1A29 20 KB
8 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:05:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8598
x-xss-protection: 0
server: cafe
etag: 10300645532664441910
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:05:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5236 6 KB
706 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 13:21:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 14:28:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5236 2 KB
825 B 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 5236 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5236 3 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 11:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 11:21:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 5236 20 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5236 187 KB
59 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:49 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 5236 35 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H3 200 Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js Show response
pagead2.googlesyndication.com/bg/ Frame A01A 38 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8d8bd945c049adf380b60cb569218a4be82ace7cd57c0a52ab2f70f891c089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14651
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:27 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0D05 14 KB
1 KB 25ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=600&slotname=3362518801&adk=584815194&adf=3250391820&pi=t.ma~as.3362518801&w=300&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127801&bpp=88&bdt=114&idt=372&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qaYow3pwwX&p=https%3A//partclone.org&dtd=374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 13:09:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 14:28:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0D05 2 KB
825 B 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame 0D05 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0D05 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 11:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 11:21:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame 0D05 20 KB
8 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51975
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D05 187 KB
59 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:49 GMT

GET
H3 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame 0D05 35 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321155
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Thu, 12 Oct 2023 21:09:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 21:16:14 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84AC 143 B
166 B 16ms
15ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=600&slotname=3362518801&adk=584815194&adf=3250391820&pi=t.ma~as.3362518801&w=300&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127801&bpp=88&bdt=114&idt=372&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=95&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=qaYow3pwwX&p=https%3A//partclone.org&dtd=374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0D05 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0D05 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56fbb8155a0e85e89f933b391ca23e58deac778fccc731dcfffa5e326614baf4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 84AC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

22ms
21ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:49 GMT
expires: Fri, 20 Oct 2023 14:28:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 0D05 33 KB
33 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 09:09:18 GMT
x-content-type-options: nosniff
age: 278371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 09:09:18 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0D05
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEX22oI4yZdOADaK41fAPraGJsAvRtJTfcbe6y8nnD8CNtwEQASDNjK8FYJWCgICwB6ABnu-C_wPIAQGpAuazrFKdvLE-qAMByAPLBKoExgFP0K4H6if6mH00X6VcTs57C6lNLKGAe6MSZqs...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213746795110214046081%22,%22debug_reporting%22:true,%22destination%22:%22https://haufe.de%22,%22event_report_window%22:%222...

0
0

60ms
59ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213746795110214046081%22,%22debug_reporting%22:true,%22destination%22:%22https://haufe.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221071691678%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222637499087624625937%22}&andc=true

Requested by

Host: partclone.org
URL: https://partclone.org/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13746795110214046081","debug_reporting":true,"destination":"https://haufe.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071691678"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"2637499087624625937"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Oct 2023 14:28:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 14:28:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13746795110214046081","debug_reporting":true,"destination":"https://haufe.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1071691678"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"2637499087624625937"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BAE 38 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8d8bd945c049adf380b60cb569218a4be82ace7cd57c0a52ab2f70f891c089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14651
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:27 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 61ms
60ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 14:28:49 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 06ED 42 B
64 B 152ms
122ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurRU-6MprKuHRTaQHqFZk4oZbTZVQ7NUH4NoqbTYH--tZPi181xZBVGYWh1_CBj31tb_j2qkZBD092tBe1DMXtEi4Wzy_rI1Zxj4KeIebe8bfFZHk1e8_vqzLDVVBTr6KaqonTAfgUoOw8&sai=AMfl-YRE_-2ztsxELoSKgRAgOulwySexw-YKmSiqrqg_BjMVIaoFomnDJCVZV7xfa_v1vOScpCbiP3rH0A2wZJ5nwgxFC9mapc0x_K3UB8KiunoWiBAbGoKidzuV5V8fGAQwwbzZe4Mq5cnZVb24&sig=Cg0ArKJSzKjTJcKar9tJEAE&cid=CAQSSwDICaaNtrtYwl8HSew4VhZtdFDAuqFfCt6tMXQaKrKIkd7p9Wp_f_ofryKk1V_NFuH6mTQVuaJPmFUZVDLziCXKjgTazH-TE9SPLBgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2753577935&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697812128171&rpt=843&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 14:28:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 7930622297059640347
tpc.googlesyndication.com/daca_images/simgad/ Frame DDD1 49 KB
49 KB 15ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7930622297059640347

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=90&slotname=6579915600&adk=1525535536&adf=887624740&pi=t.ma~as.6579915600&w=970&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127804&bpp=85&bdt=117&idt=373&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316%2C3362518801&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=388&ady=806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=nVZZaH0kNM&p=https%3A//partclone.org&dtd=376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16bdb9fac7852959237e46f2d94e4169edf5df72f929ee5388c6c77247bd50f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 23:00:33 GMT
x-content-type-options: nosniff
age: 487697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50067
x-xss-protection: 0
last-modified: Sat, 14 Oct 2023 12:18:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Oct 2024 23:00:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/ Frame DDD1 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9137
x-xss-protection: 0
server: cafe
etag: 5200559654007170660
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DDD1 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 11:21:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 11:21:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DDD1 20 KB
8 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8427
x-xss-protection: 0
server: cafe
etag: 8504628880869859743
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 03 Nov 2023 00:02:34 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDD1 187 KB
59 KB 1000ms
1000ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60178
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697628223465749"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 20 Oct 2023 14:28:51 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/ Frame DDD1 35 KB
14 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231017/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e6377c14fa674c71d4d063d76f484e24ae14ffb448d6012fb7a8ffbfecfc806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 18:03:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73535
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14404
x-xss-protection: 0
server: cafe
etag: 4553288349416424644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 02 Nov 2023 18:03:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D3E1 143 B
166 B 14ms
13ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9507710613356481&output=html&h=90&slotname=6579915600&adk=1525535536&adf=887624740&pi=t.ma~as.6579915600&w=970&lmt=1697804928&url=https%3A%2F%2Fpartclone.org%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697812127804&bpp=85&bdt=117&idt=373&shv=r20231011&mjsv=m202310160101&ptt=5&saldr=sd&abxe=1&prev_fmts=0x0&prev_slotnames=4907929316%2C3362518801&nras=1&correlator=3285374660127&frm=20&pv=1&ga_vid=559999903.1697812128&ga_sid=1697812128&ga_hid=656983882&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=388&ady=806&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44805113%2C44805533%2C44805681%2C44805918%2C44805931%2C31078297%2C21065725%2C31078916&oid=2&pvsid=4022459969056053&tmod=1773388595&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=nVZZaH0kNM&p=https%3A//partclone.org&dtd=376
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 292
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:23:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DDD1 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38c677e745e4595db1a3ffbcf83cedcaefdfdccec387948460bda5baddecfd11

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D3E1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

27ms
26ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:50 GMT
expires: Fri, 20 Oct 2023 14:28:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D05 42 B
64 B 122ms
122ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTVndLsFmQzgMZ_pWlwqudS6ey3diea7pARk7RQ01ylAtHRKYEZbuWpFjDaosUJ7bKDCFLyuX0mBWFfEzNDivCeM1rFLA0HRE1LOqgD456KqfOdrvTpZvIA6Dh36CwKHj7VatW2cCYDd6w&sai=AMfl-YRkcR5diF2vxzLUi4vmnC-BVU1EYAMDkZtDHoeYXWWMwVs_4Mbu11JYHCGHb5JJXlYwqw67IOUFMEYrnz1Jbo7_We2UzNlAJN_g4tE93gDKfXsLDCuSJuSWDjcSaaZykM1u2yvmnce1Wohb&sig=Cg0ArKJSzDpg51i-BUHqEAE&cid=CAQSSwDICaaNjD9wq2ZjjZZ-IDVFNdtxCrSE3o_1kpZyEneIGOLLLDRG326xlANhXczUtb4ye80OgeRblEu3j34CHBT2VJn8jFDK2XgKSxgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=584815194&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697812128176&rpt=1608&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 14:28:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame DDD1
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CN_TxoI4yZbP_DLOo1fAPkJWq0AWloM3Uc6H87puAEobviZWPDhABIM2MrwVglYKAgLAHoAH75N-YA8gBAqkC5rOsUp28sT6oAwHIA8kEqgTHAU_QjVz583DXNsv813y83zt4KJUB5wqyZnp...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229605135865141600657%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%2225...

0
0

59ms
58ms

Fetch
text/css

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%229605135865141600657%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2210-20%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222592518864689782673%22}&andc=true

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:51 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"9605135865141600657","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"2592518864689782673"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 20 Oct 2023 14:28:51 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 20 Oct 2023 14:28:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"9605135865141600657","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["10-20"],"6":["true"]},"priority":"500","source_event_id":"2592518864689782673"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
63ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b7338ac0db0673c278e09ea8dec2daaa33c2e9e060bb0e5c7851cc5e78d2ad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12284
x-xss-protection: 0

GET
H3 200 Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js Show response
pagead2.googlesyndication.com/bg/ Frame FDA0 38 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Go2L2UXASa3zgLYMtWkhikvoKs581XwKUqsvcPiRwIk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a8d8bd945c049adf380b60cb569218a4be82ace7cd57c0a52ab2f70f891c089

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 18:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 246264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14651
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 11:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 16 Oct 2024 18:04:27 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 60ms
59ms Preflight
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 14:28:51 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 14:28:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EFE6 13 KB
5 KB 16ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11186
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 11:22:25 GMT
expires: Sat, 19 Oct 2024 11:22:25 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E86B 829 B
561 B 25ms
24ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0755f139c8e76c5b675415a5cce53c811f2852a7c11aabb708e79b24e329d9d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J5kU3AUX4WKxd-znby42oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://partclone.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-J5kU3AUX4WKxd-znby42oQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 14:28:51 GMT
expires: Fri, 20 Oct 2023 14:28:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame EFE6 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 11:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 11:21:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E86B 0
0 117ms
116ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=4022459969056053&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EFE6 0
10 B 13ms
13ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AHnLGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 14:28:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 124ms
124ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=4022459969056053&bg=!srGlsf7NAAbFpEfJ5aQ7ADQBe5WfOMSiZDSIkLvIzE8q_wpVaZICvmUbS_CQUiVBGmv4RNihZx_g1SmOWwzPlzTbg9uKAgAAAEpSAAAACmgBBwoAePTKuDA4iCY04TFvxGraeyuPDnBOJgt1TGl6q4lsskBlBYJ9C9vJXc5WyQhV-rziKOdMX3b1ZMep8Z9O4dg78OdQEDHm8CTt_r0a2ObwK2aoD3cxl5inB9Go9wpCR9a2oBLErTSkyR4sh8bLN8_FdeAS2_J5koNRZJkC6v3p3lc27gbas3lPY_EcFsYCwobW-lIRaUP8CKDEX2lArkInYN-xXZl4vuIBijlNtLmfg6gBGjQ1J-54fn4ZzWoGqKJSQCUU6-F6b6WLZCm2wlvbkYsOmEEiXC68lEWzyEYwcs6e6X99zEMxLUgL9hWHRwpPaldl2hkRzC077K4_zivM8f2fuePNUG7EQzkS4VESOA1NrQqItKfQq-5xHLmAlfqTjT8oBSPJO5Tvc7JGHbAaEPs7zDWp6UFg22fHHWdkUJASkLKOdd76L6nqHdXbZIqkcKj1qk-aLL-Qp8-tpzdpfWb-6XgbVeioLnph-gnT8k4NjiBPjySYFUrZZK7oO_6gGo4RrRrXSWIb3sZXnOeQbJ6ffR4kqr1cJUP-VZ9GQf8ymWmE4gxC1uqunH-v1ffp6wOWqZRRQZEBbqs_jRG0ErAm1zvtuf_fGPgbwUD-lU7dJROdt1aE85Lip04hE_MbEg7Nt5sKbBDrs-pYjKh7b4dpQq9aJITIEIV0L35sW0rPclXx345r0XSelbb6oFUvovM2Kb-96y0eTf4dtEP2gO_amcCnCD1vpYDjbNYG1aoMtAjMFGaZGBANy1R__wHYBDg5mwyUhoga3sFN-BvT3zoOmLMmXOV-hWRRHT1tiaiG8GT6EJA-YIQz1KgAIC1rX5RY4Db5BfTzWC7xgVJBGR1vp-9j8RfRTT0bSuyb_JXbu-n4ZUsSi0rtaiLgp53VhUVcnG_ND3DDtlWjL0a2Ub9xno3NZJvdZYLFLFGEKcHjsmYNvXeP9NndNb6XzXpbPtcgweOmzcIkNfpms4nPqw6eSl1Z6BybGI3IF5NkEVw0bQqeh90ODN-7bTY2a4wBFmUqihTIr6qqPt3G4PLXFnHiDuWaD1pgEQTcWj_X6k1Bk-PbwESuLLZipqLq5N9Ca59XCjPY2xjqQpB3NwJjK3k8sCyKgIOfwA72v7l0jo7s-yzhMAPKZI9jhLV230Db3alK21gn
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://partclone.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDD1 42 B
64 B 123ms
122ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlf7IQyrD3UY0dKZxL4jhuajH-4ikmuJWlGV1JxgrlPqvopk_hAxGfKPm08jCuoK55RKz8qeDilXtpjSK0AqBg1gi9lwB6PJDbtbNFCQjLTV9d1ceqM-58HtnE2L9GyRPoaOWYNaDcCOlK&sai=AMfl-YRXrTcgTqICl9X0aijQyFeFboVw2L79Uae5AjvY93jYw4R4s3bN7Sn4o5iNQWWMXbXIA3GrGeZXf4XhQUnrCkdhLb8F1dJIJkXDPmY2wp6DcpZDL8gGQUkuNgTK7c1hSAHFPN8K0wqb6RtOuQ&sig=Cg0ArKJSzBAPOE35ZHsuEAE&cid=CAQSTADICaaNtZnDzi6wcqqbHwcGFenKOKj7MyZ1eTctHpYDrT6klklPoMochHm4FHuwGzUHMjJoPEW4c2waaUxpaIRWb9lOA1d81LUVLQwYAQ&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231018&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1525535536&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697812128181&rpt=2930&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 14:28:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.partclone.org/	1970-01-21 00:58:28	Name: __gads Value: ID=73a638a2b32368fb:T=1697812128:RT=1697812128:S=ALNI_MbxDpuLpaQ6hP6rGGmZC3EOlJ0_ug
.partclone.org/	1970-01-21 00:58:28	Name: __gpi Value: UID=00000cbbda8d1c2e:T=1697812128:RT=1697812128:S=ALNI_MZsWVeTsScxjMaNmMNAsArLd907uw
.doubleclick.net/	1970-01-21 00:58:28	Name: IDE Value: AHWqTUk_K-sdLDJRvWzsMYovfLs7vHLzkZf8MSPb9VOyOG_b4oWg9Lv7I4P3YBceca4
.doubleclick.net/	1970-01-20 15:36:53	Name: test_cookie Value: CheckForPermission
.googleadservices.com/	1970-01-20 17:46:28	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 15:36:55	Name: DSID Value: NO_DATA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
clients1.google.com
clustrmaps.com
cse.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partclone.org
partner.googleadservices.com
sflogo.sourceforge.net
tpc.googlesyndication.com
www.clustrmaps.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.185.162
2606:4700:10::6816:3fdb
2606:4700:4400::6812:256f
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:802::200e
2a00:1450:4001:803::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
69.163.180.58
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
045a79796a957e36d2bad67dd0fbf4703156a6accf57956bdcc4e4e26166d5ef
0755f139c8e76c5b675415a5cce53c811f2852a7c11aabb708e79b24e329d9d2
0bbb277600331b9d22a841b5ae444cbe85ebc247270c4f7e06266559873321ab
0e6377c14fa674c71d4d063d76f484e24ae14ffb448d6012fb7a8ffbfecfc806
100e1bd433b0fbe35e8d609395d4f9a1cbafbeddb64a30b6ac6fcc7888f9310a
16bdb9fac7852959237e46f2d94e4169edf5df72f929ee5388c6c77247bd50f5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a8d8bd945c049adf380b60cb569218a4be82ace7cd57c0a52ab2f70f891c089
1b7338ac0db0673c278e09ea8dec2daaa33c2e9e060bb0e5c7851cc5e78d2ad3
24b09f32579c1a750881c826ebd056dc252fe6ae0d8a03f707dfc88a61060d7e
2692224db3626a9c0fc2e7443372dd1ce8357a7a57e119d23e15a1689ea7eee2
27f7baf8979a76d38ead6dbdcbd9cb5611eb28e469c6df19ad1c2fc47dd35f97
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
38c677e745e4595db1a3ffbcf83cedcaefdfdccec387948460bda5baddecfd11
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3ccb807aaddf1192c1de0b2f05ac687d4f0180c9c601aa4986ff9b77dd77f4b3
3dff7d321ee2d2e90e4cbd7b21f41d1e8d3e808ded95b27056c86b03e7172bdf
3f5676a86af87439536dd10d678b3d458eee7d107a4a9bb0bac62752cc738fb0
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
45edbc85483b4cde24376ffc1a6b93969f8e51cd2e73547f84824c8f54fb79f9
461b36faf1839c7c6e7792bd930238305b27efd84301c2df124780dbdc0fad00
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56fbb8155a0e85e89f933b391ca23e58deac778fccc731dcfffa5e326614baf4
597d9c40aa37d9119adb9925c6f679561cc5731807f826a96e4ba689051fae1c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ee9e63e519096342d5899e32f1a38b4880ffba6b2aff64178b955a3b7f3a80d
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
681ccacfa243772e6b3179d813ae074150839ce30a89ccf12a10d9774d5f8df5
682ea4a49bafd3e0e6dfc629d601e44db6975ade7a6d579ef68e3b769a35ae8f
6e90b2b87607fd178648468c5425c0d6fc14f93e5602e1ffb9c7296dc536b1cf
764b2d0712418f3eab2213e23571bc243683e14e702baca9c4a64f2c795d4a8b
830179b0aa3829a00191b4580a21eac232a09e77d715c919ea7ca0ce0031fc36
94f92bec2e9838967359dfacd950a04c43b074bdd85748794f898b25c9440ec7
98fefe7f547279bd255dc14dc672ff50e5b5d330f6ae9d2fc3b0784be4b40de4
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
c0cb6aab4775552265b22ea0ede4b1c09fbc9e5b9ffe0f894063ed3aadacf09b
c49db62a1c7685552f28189c0b1a6e42d9cdccc0258fe1c5adb6495a1829f6bc
c5aa44b830f9aadda6ac4921cca10a14dde45f9aa086a8b1a32e0c9f4c1bbc14
c78cbc891d36ddcc95ff6786a968ef27edab4085779b578253a42bcb9f8f44af
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d982b7b01a7f7adc59f91910bf48d95f53f85a38e8a1d024f550805e7d8b9f7c
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f74f99e9fe1027d19c741e71e7a2adf40f49a011d50cb110e45a0511f624fb3a
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

partclone.org Open in urlscan Pro 69.163.180.58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

94 %HTTPS

88 %IPv6

11 Domains

17 Subdomains

17 IPs

2 Countries

1298 kBTransfer

3403 kBSize

6 Cookies

11 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

partclone.org Open in urlscan Pro
69.163.180.58 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

94 %
HTTPS

88 %
IPv6

11
Domains

17
Subdomains

17
IPs

2
Countries

1298 kB
Transfer

3403 kB
Size

6
Cookies

86 HTTP transactions
5 data transactions