www.kostenloses-gehaltskonto.info Open in urlscan Pro
85.13.154.215 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kostenloses-gehaltskonto.info/
Submission: On September 08 via automatic, source certstream-suspicious (September 8th 2021, 3:00:57 am UTC)

Summary HTTP 78 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 18 domains to perform 78 HTTP transactions. The main IP is 85.13.154.215, located in Germany and belongs to NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE. The main domain is www.kostenloses-gehaltskonto.info.
TLS certificate: Issued by R3 on July 10th 2021. Valid for: 3 months.

This is the only time www.kostenloses-gehaltskonto.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	85.13.154.215 85.13.154.215	34788 (NMM-AS D) (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 2	85.199.80.233 85.199.80.233	12693 (EDISCOM A...) (EDISCOM Am Kanal 4a)
1 1	217.79.188.54 217.79.188.54	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	217.79.188.10 217.79.188.10	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a01:488:42:1... 2a01:488:42:1000:57e6:68d2:a:18a3	20773 (GODADDY) (GODADDY)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	91.228.74.198 91.228.74.198	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.172.136 18.195.172.136	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
78	18

14 85.13.154.215 (Germany)

ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE)
PTR: dd38406.kasserver.com

www.kostenloses-gehaltskonto.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kostenloses-gehaltskonto.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.199.80.233 (Dallgow-Doeberitz, Germany) 2 redirects

ASN12693 (EDISCOM Am Kanal 4a, 14467 Potsdam, DE)
PTR: fin-lamp-new.dns.boreus.de

www.financeads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.54 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: aa.adfarm1.adition.com

ad13.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:488:42:1000:57e6:68d2:a:18a3 (Germany)

ASN20773 (GODADDY, DE)

www.fndsda.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.198 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.172.136 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-172-136.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	327 KB
14	doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	65 KB
14	kostenloses-gehaltskonto.info www.kostenloses-gehaltskonto.info kostenloses-gehaltskonto.info	274 KB
11	google.com 1 redirects fundingchoicesmessages.google.com adservice.google.com www.google.com	86 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	71 KB
3	googletagservices.com www.googletagservices.com	101 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	758 B
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	google.de adservice.google.de	975 B
2	adition.com 1 redirects ad13.adfarm1.adition.com imagesrv.adition.com	45 KB
2	financeads.net 2 redirects www.financeads.net	759 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	agkn.com 1 redirects d.agkn.com	763 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	669 B
1	fndsda.net www.fndsda.net	31 KB
78	18

	Domain	Requested by
12	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
12	www.kostenloses-gehaltskonto.info	www.kostenloses-gehaltskonto.info
10	pagead2.googlesyndication.com	www.kostenloses-gehaltskonto.info pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
6	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	kostenloses-gehaltskonto.info	www.kostenloses-gehaltskonto.info
2	www.financeads.net	2 redirects
1	pixel.rubiconproject.com	1 redirects
1	d.agkn.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.fndsda.net	www.kostenloses-gehaltskonto.info
1	imagesrv.adition.com	www.kostenloses-gehaltskonto.info
1	ad13.adfarm1.adition.com	1 redirects
78	25

This site contains links to these domains. Also see Links.

Domain
www.online-girokonto.com
themezee.com

Subject Issuer	Validity	Valid
kostenloses-gehaltskonto.info R3	`2021-07-10` - `2021-10-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
www.fndsda.net Thawte TLS RSA CA G1	`2021-03-09` - `2022-04-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.kostenloses-gehaltskonto.info/
Frame ID: AB3331F69586DA5523D3DE7558B657F8
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20190131/zrt_lookup.html
Frame ID: 2C53B20C1C2A364AF708D2D12D17D6DB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&adk=1812271804&adf=3025194257&lmt=1631056680&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070039214&bpp=3&bdt=239&idt=73&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=600248889390&frm=20&pv=2&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
Frame ID: 2F24255502C64AF0F48B3897236A8550
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13
Frame ID: 17991BED485CFDC80518F1304EC72D77
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
Frame ID: B9EF8C7EFF1E5CAF35E503168428A3AA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 93CE4FDC887225C1CB5DC47AC8AE15B5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8460E67F7385C000BF980F86C3F4E330
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: FFBAA02103241F9013314AA52872BCC1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4910FA7CD98C3DAEB2D42E8275D0D675
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rWlMBfa9MpU8odUgYO2XS-jQK_KO9aJyNzJvjgjzx8o.js
Frame ID: 313658478C93A41726273749FAA2E6AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kostenloses Gehaltskonto - ohne wenn und aber!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

78
Requests

99 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

18
IPs

3
Countries

1003 kB
Transfer

2187 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.online-girokonto.com/studentenkonto/
Title: Studenten, Schüler und Azubis

Search URL Search Domain Scan URL

URL: https://themezee.com/
Title: ThemeZee

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://www.financeads.net/tb.php?t=14432V87024051B&https=1 HTTP 302
https://ad13.adfarm1.adition.com/banner?sid=4529260&kid=3627325&bid=11095756 HTTP 302
https://imagesrv.adition.com/banners/3282/files/00/1f/c0/31/000002080817.gif

Request Chain 15

https://www.financeads.net/tb.php?t=21534V10310033B&https=1 HTTP 302
https://www.fndsda.net/b/DKB/3002501.gif

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 71

https://d.agkn.com/pixel/2175/?google_gid=CAESELeQwyBthFjwDideC0Ktgyg&google_cver=1&google_push=AYg5qPJs69DkSWTq-YynUMPikeVzkF5vWPKx1FG_Dpt75vrzApFrCZEwL7KlT0po3OiKXZEapJs-dtD8kFM4mIN8nlCni7pPll0a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJs69DkSWTq-YynUMPikeVzkF5vWPKx1FG_Dpt75vrzApFrCZEwL7KlT0po3OiKXZEapJs-dtD8kFM4mIN8nlCni7pPll0a&google_hm=Q0FFU0VMZVF3eUJ0aEZqd0RpZGVDMEt0Z3ln

Request Chain 72

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJARDvSd96QzMB50Zlsp2VPbLyO901CfsEfbo8-jOuP1s9f_8DmWBdJmgQX0SlQBd1VY_omyHXy2cL-f9F51nKG6Ne9ggqZ&google_gid=CAESEDirOQF7G18e73hG_QCCZgQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJARDvSd96QzMB50Zlsp2VPbLyO901CfsEfbo8-jOuP1s9f_8DmWBdJmgQX0SlQBd1VY_omyHXy2cL-f9F51nKG6Ne9ggqZ&google_gid=CAESEDirOQF7G18e73hG_QCCZgQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDgwMzAwNDEwMDA0ODEyMzI4MzU0OA%3D%3D&google_push=AYg5qPJARDvSd96QzMB50Zlsp2VPbLyO901CfsEfbo8-jOuP1s9f_8DmWBdJmgQX0SlQBd1VY_omyHXy2cL-f9F51nKG6Ne9ggqZ

Request Chain 73

https://rtb.openx.net/sync/dds?google_gid=CAESEC6Wr-NR4N0cut6UGmdqeIc&google_cver=1&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEC6Wr-NR4N0cut6UGmdqeIc&google_cver=1&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo&google_hm=ouR377qVy-Qf27_kdTlBFg==

Request Chain 74

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECaVV7ZkMGqSigG9Oiw-yXg&google_cver=1&google_push=AYg5qPLunWuR2B4KbrnMgDdQUs_i4WoNyhF2ExRyw_yLcuwWOxdoi37CcN1iW9zgRNMZubbD5oH1KfYQeG0rCwOaDIrcndckFfUE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECaVV7ZkMGqSigG9Oiw-yXg&google_cver=1&google_push=AYg5qPLunWuR2B4KbrnMgDdQUs_i4WoNyhF2ExRyw_yLcuwWOxdoi37CcN1iW9zgRNMZubbD5oH1KfYQeG0rCwOaDIrcndckFfUE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q05ShEduRyOs1qtbeyf00w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLunWuR2B4KbrnMgDdQUs_i4WoNyhF2ExRyw_yLcuwWOxdoi37CcN1iW9zgRNMZubbD5oH1KfYQeG0rCwOaDIrcndckFfUE

Request Chain 75

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIcgOJPDJWBlj8Fulb6LKEI&google_cver=1&google_push=AYg5qPJE4F7cylOAsanDxZ1hr7r1UJThNy1ALL1mSonGvKWjwOKgyP3zsk7XMaM7_b1hJP-woaN7OzWAQcjqcHFxM3L_1VpamplT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RBV1pNODktMUotOERFOQ==&google_push=AYg5qPJE4F7cylOAsanDxZ1hr7r1UJThNy1ALL1mSonGvKWjwOKgyP3zsk7XMaM7_b1hJP-woaN7OzWAQcjqcHFxM3L_1VpamplT

Request Chain 76

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8

78 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.kostenloses-gehaltskonto.info/ 26 KB
7 KB 136ms
37ms Document
text/html 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: d4ba8a0e32b18363b0f4d5d4c6834394bc221906943c85d379b266ea6fc94e1a

Request headers

:method: GET
:authority: www.kostenloses-gehaltskonto.info
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:38 GMT
server: Apache
vary: User-Agent,Accept-Encoding
last-modified: Tue, 07 Sep 2021 23:18:00 GMT
accept-ranges: bytes
content-encoding: br
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
content-length: 7142
content-type: text/html; charset=UTF-8

GET
H2 200 a3ozg.css
www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/ 110 KB
16 KB 101ms
100ms Stylesheet
text/css 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 7e6cfcd0eeff652443341f02008abd4bda6e1f0a61051ee16bfb95b825e030cd

Request headers

:path: /wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:38 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 14:59:18 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 15920
expires: max-age=A10368000, public

GET
H2 200 4bjdt.css
www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/87wbuga4/ 5 KB
2 KB 103ms
103ms Stylesheet
text/css 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/87wbuga4/4bjdt.css
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 11ccc0a424aecd62bfd266bdd4e9219a3c7cf7d3489b401699d636ec4bb8f26c

Request headers

:path: /wp-content/cache/wpfc-minified/87wbuga4/4bjdt.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:38 GMT
content-encoding: br
last-modified: Wed, 09 Jun 2021 16:46:41 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2161
expires: max-age=A10368000, public

GET
H2 200 a3ozg.js Show response
www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/2mtuovpc/ 102 KB
34 KB 114ms
114ms Script
application/javascript 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/2mtuovpc/a3ozg.js
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 5c6d205e00151c569fa7befdff412e63efc57b98256e9e2f81be98b45e4759f0

Request headers

:path: /wp-content/cache/wpfc-minified/2mtuovpc/a3ozg.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:38 GMT
content-encoding: br
last-modified: Fri, 12 Mar 2021 14:59:18 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 34394
expires: max-age=A10368000, public

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f91c0368ad1a0e7d13c698b8386d77446632e1eab541eba9a1e8ca08ba80257e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49534
x-xss-protection: 0
server: cafe
etag: 8723469944949578949
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 03:00:39 GMT

GET
H2

200

000002080817.gif
imagesrv.adition.com/banners/3282/files/00/1f/c0/31/
Redirect Chain

https://www.financeads.net/tb.php?t=14432V87024051B&https=1
https://ad13.adfarm1.adition.com/banner?sid=4529260&kid=3627325&bid=11095756
https://imagesrv.adition.com/banners/3282/files/00/1f/c0/31/000002080817.gif

44 KB
45 KB

42ms
17ms

Image
image/gif

217.79.188.10
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/banners/3282/files/00/1f/c0/31/000002080817.gif
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: db5b0322622e261d0b5e4402fd562ea9b734e8c3bb4e9b15e1e9896d7d2c9d06

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Fri, 18 Jun 2021 15:50:30 GMT
accept-ranges: bytes
etag: "1309295430"
content-length: 45470
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 05:00:39 +0200
server: ADITIONSERVER v1.0
etag: 7005392474993132774
p3p: policyref="https://imagesrv.adition.com/w3c/p3p-ssl.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
location: https://imagesrv.adition.com/banners/3282/files/00/1f/c0/31/000002080817.gif
cache-control: no-cache
content-type: text/plain
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 DKB.png
kostenloses-gehaltskonto.info/images/ 2 KB
2 KB 113ms
80ms Image
image/png 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kostenloses-gehaltskonto.info/images/DKB.png
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 03f53060bae589b5abaacc33187ca111bb50becfe726bf03c28b5aeb30302ad0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Sat, 29 Feb 2020 08:39:57 GMT
server: Apache
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2422
expires: max-age=A10368000, public

GET
H2 200 comdirect.png
www.kostenloses-gehaltskonto.info/images/ 2 KB
2 KB 67ms
66ms Image
image/png 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kostenloses-gehaltskonto.info/images/comdirect.png
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 8a62462c9d59233753c6196a3fce0ea5b1261f404324d2463ed30eefdba68164

Request headers

:path: /images/comdirect.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Sat, 29 Feb 2020 08:39:56 GMT
server: Apache
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 2108
expires: max-age=A10368000, public

GET
H2 200 norisbank.png
kostenloses-gehaltskonto.info/images/ 1 KB
1 KB 112ms
80ms Image
image/png 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kostenloses-gehaltskonto.info/images/norisbank.png
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 7ab0dedbc6ec3d4d93dce2f047b634bb655782bf46fee848d63e571d26ce4131

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Sat, 29 Feb 2020 08:39:58 GMT
server: Apache
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1143
expires: max-age=A10368000, public

GET
H2 200 navigation.min.js Show response
www.kostenloses-gehaltskonto.info/wp-content/themes/tortuga/assets/js/ 2 KB
710 B 47ms
47ms Script
application/javascript 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/themes/tortuga/assets/js/navigation.min.js?ver=20200822
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 294250100f6d8e424a4e75c49539f5281bd308b22039e01f1cc86f94dee17e79

Request headers

:path: /wp-content/themes/tortuga/assets/js/navigation.min.js?ver=20200822
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: br
last-modified: Thu, 26 Aug 2021 12:08:26 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 630
expires: max-age=A10368000, public

GET
H2 200 wp-embed.min.js Show response
www.kostenloses-gehaltskonto.info/wp-includes/js/ 1 KB
720 B 57ms
56ms Script
application/javascript 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-includes/js/wp-embed.min.js?ver=5.8
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: br
last-modified: Wed, 03 Feb 2021 22:12:31 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 663
expires: max-age=A10368000, public

GET
H2 200 genericons-neue.svg
www.kostenloses-gehaltskonto.info/wp-content/themes/tortuga/assets/icons/ 27 KB
8 KB 90ms
90ms Other
image/svg+xml 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/themes/tortuga/assets/icons/genericons-neue.svg
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d

Request headers

:path: /wp-content/themes/tortuga/assets/icons/genericons-neue.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: same-origin
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
last-modified: Thu, 26 Aug 2021 12:08:26 GMT
server: Apache
vary: Accept-Encoding,User-Agent
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 8122
expires: max-age=A10368000, public

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
www.kostenloses-gehaltskonto.info/wp-content/fonts/open-sans/ 14 KB
14 KB 85ms
85ms Font
application/font-woff2 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/fonts/open-sans/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Request headers

:path: /wp-content/fonts/open-sans/mem8YaGs126MiZpBA-UFVZ0b.woff2
pragma: no-cache
origin: https://www.kostenloses-gehaltskonto.info
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.kostenloses-gehaltskonto.info
Referer: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Tue, 16 Feb 2021 17:24:09 GMT
server: Apache
content-type: application/font-woff2
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 14380
expires: max-age=A10368000, public

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
www.kostenloses-gehaltskonto.info/wp-content/fonts/titillium-web/ 12 KB
12 KB 85ms
84ms Font
application/font-woff2 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03

Request headers

:path: /wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
pragma: no-cache
origin: https://www.kostenloses-gehaltskonto.info
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.kostenloses-gehaltskonto.info
Referer: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Tue, 16 Feb 2021 17:24:10 GMT
server: Apache
content-type: application/font-woff2
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 12356
expires: max-age=A10368000, public

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
www.kostenloses-gehaltskonto.info/wp-content/fonts/open-sans/ 15 KB
15 KB 85ms
84ms Font
application/font-woff2 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/fonts/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Request headers

:path: /wp-content/fonts/open-sans/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
pragma: no-cache
origin: https://www.kostenloses-gehaltskonto.info
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.kostenloses-gehaltskonto.info
Referer: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/dono8ug/a3ozg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Tue, 16 Feb 2021 17:24:09 GMT
server: Apache
content-type: application/font-woff2
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 15056
expires: max-age=A10368000, public

GET
H2 200 gehaltskonto.png
www.kostenloses-gehaltskonto.info/wp-content/uploads/2021/07/ 157 KB
158 KB 104ms
104ms Image
image/png 85.13.154.215
02742 Friedersdor...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kostenloses-gehaltskonto.info/wp-content/uploads/2021/07/gehaltskonto.png
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 85.13.154.215 , Germany, ASN34788 (NMM-AS D - 02742 Friedersdorf Hauptstrasse 68, DE),
Reverse DNS: dd38406.kasserver.com
Software: Apache /
Resource Hash: 7a24ae8b0781e79b1049799806f6b836b4dc8a7cb5e6bdc218bc527fabef0a89

Request headers

:path: /wp-content/uploads/2021/07/gehaltskonto.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kostenloses-gehaltskonto.info
referer: https://www.kostenloses-gehaltskonto.info/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
last-modified: Fri, 30 Jul 2021 14:58:40 GMT
server: Apache
content-type: image/png
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 160747
expires: max-age=A10368000, public

GET
H/1.1

200
OK

3002501.gif
www.fndsda.net/b/DKB/
Redirect Chain

https://www.financeads.net/tb.php?t=21534V10310033B&https=1
https://www.fndsda.net/b/DKB/3002501.gif

31 KB
31 KB

65ms
22ms

Image
image/gif

2a01:488:42:1000:57e6:68d2:a:18a3
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fndsda.net/b/DKB/3002501.gif
Requested by: Host: www.kostenloses-gehaltskonto.info
URL: https://www.kostenloses-gehaltskonto.info/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:488:42:1000:57e6:68d2:a:18a3 , Germany, ASN20773 (GODADDY, DE),
Reverse DNS
Software: Apache /
Resource Hash: 96b66b881e6ba46816cf5bec349223db437dc39c7878788f22e94f36a37dfbea

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 03:00:39 GMT
Last-Modified: Wed, 13 Dec 2017 16:43:32 GMT
Server: Apache
ETag: "7b55-5603b77c8a4b5"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31573

Redirect headers

Date: Wed, 08 Sep 2021 03:00:39 GMT
Server: Apache/2.4.48 (Ubuntu)
Location: https://www.fndsda.net/b/DKB/3002501.gif
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, no-store, no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 250 KB
93 KB 44ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2543616685264635&plah=www.kostenloses-gehaltskonto.info

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bbffa1acf6a9075afa65f56d16c43d166357319fd23eed5b196c5a6ebc7bccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95235
x-xss-protection: 0
server: cafe
etag: 5147314901346136273
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 03:00:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210901/r20190131/ Frame 2C53 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210901/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210901/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kostenloses-gehaltskonto.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kostenloses-gehaltskonto.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Sep 2021 04:03:18 GMT
expires: Tue, 21 Sep 2021 04:03:18 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 82641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ca-pub-2543616685264635 Show response
fundingchoicesmessages.google.com/i/ 93 KB
35 KB 58ms
39ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2543616685264635?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2543616685264635&plah=www.kostenloses-gehaltskonto.info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

194fb35f86c6693a5fe90ddc958e4ee5cde739a0727cb982b4d8ba65b7c60796

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dGzzIIZK44/Rd/hmXo+FQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-dGzzIIZK44/Rd/hmXo+FQw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: script-src 'report-sample' 'nonce-dGzzIIZK44/Rd/hmXo+FQw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-dGzzIIZK44/Rd/hmXo+FQw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
date: Wed, 08 Sep 2021 03:00:39 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxVIpHqIHb63AOohaGXUtJo0cke29kJk1NgFXmjFJPW12PSgB0fW7sBn4aeLLN9pindV5SPbXm7NW3YPKlncc5Y= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 34ms
21ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVIpHqIHb63AOohaGXUtJo0cke29kJk1NgFXmjFJPW12PSgB0fW7sBn4aeLLN9pindV5SPbXm7NW3YPKlncc5Y=?pvid=2F957E0C-5426-4B76-8D56-15BE2F04259C&anonid=76443F17-1D9E-4A92-9A2C-632CA4C385CD

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.CRPl7cMoOK8.es5.O/d=1/rs=AJlcJMzb_F0mAR5NsX9C4rTyvYc95oDEiA/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5Nepn7t9mmfoFQsbwbzqFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5Nepn7t9mmfoFQsbwbzqFg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.kostenloses-gehaltskonto.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-5Nepn7t9mmfoFQsbwbzqFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-5Nepn7t9mmfoFQsbwbzqFg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxXUsZpdrL85m9LC9uiWTj4lBiSaOTKr8ksPHWf9M-RMTAqn6e-S9LQSmEfxjSqZC7anoYBqtscN_l_mfsAzOe0= Show response
fundingchoicesmessages.google.com/f/ 65 KB
25 KB 57ms
43ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXUsZpdrL85m9LC9uiWTj4lBiSaOTKr8ksPHWf9M-RMTAqn6e-S9LQSmEfxjSqZC7anoYBqtscN_l_mfsAzOe0=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxMDcwMDM5LDQxMDAwMDAwMF0sIjJGOTU3RTBDLTU0MjYtNEI3Ni04RDU2LTE1QkUyRjA0MjU5QyIsIjc2NDQzRjE3LTFEOUUtNEE5Mi05QTJDLTYzMkNBNEMzODVDRCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5rb3N0ZW5sb3Nlcy1nZWhhbHRza29udG8uaW5mby8iXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.CRPl7cMoOK8.es5.O/d=1/rs=AJlcJMzb_F0mAR5NsX9C4rTyvYc95oDEiA/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22746a14e8cc7bd60d7aa6abe86d65fb0415846739b2a46c818509f39edd553f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cDuN4f06hS80FlPXhlZkPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cDuN4f06hS80FlPXhlZkPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-cDuN4f06hS80FlPXhlZkPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-cDuN4f06hS80FlPXhlZkPQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
669 B 38ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kostenloses-gehaltskonto.info&callback=_gfp_s_&client=ca-pub-2543616685264635

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

7a10f5b0983a5030c2624a206bc486e370909c27849f7cbecb7c06fcaa6920c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kostenloses-gehaltskonto.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kostenloses-gehaltskonto.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2F24 97 KB
25 KB 567ms
553ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&adk=1812271804&adf=3025194257&lmt=1631056680&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070039214&bpp=3&bdt=239&idt=73&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=600248889390&frm=20&pv=2&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5cef8b108e3cc91a217027830a3ed8aebacc112698edc216f42dd1acf8fe690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&adk=1812271804&adf=3025194257&lmt=1631056680&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070039214&bpp=3&bdt=239&idt=73&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=600248889390&frm=20&pv=2&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kostenloses-gehaltskonto.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kostenloses-gehaltskonto.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 08 Sep 2021 03:00:39 GMT
server: cafe
content-length: 25457
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 08-Sep-2021 03:15:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 08 Sep 2021 03:00:39 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fecb5df18e8faa43dc3aa3f49ffd7224c84e378eb7514326a9ca3757a42daf35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630694577084272"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27575
x-xss-protection: 0
expires: Wed, 08 Sep 2021 03:00:39 GMT

POST
H3-29 204 AGSKWxUyMhZEW4nZH5LBeG261FfNZO6TFnMv4KPAIyuQuxU_-IH10yHelTN7bv9sc3aG4gKqb98DjmOe9XxIYSZbk5fR8Tn9_JllnEn2RapyYQf1UccHaL5RWKMz8kZEMgWEV6UXyum8bJJYeU6linQPbxIjV1lKPUZnEMRFZYwoozsL9Ti7wEIiNZfxomtz Show response
fundingchoicesmessages.google.com/el/ 0
26 B 18ms
18ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUyMhZEW4nZH5LBeG261FfNZO6TFnMv4KPAIyuQuxU_-IH10yHelTN7bv9sc3aG4gKqb98DjmOe9XxIYSZbk5fR8Tn9_JllnEn2RapyYQf1UccHaL5RWKMz8kZEMgWEV6UXyum8bJJYeU6linQPbxIjV1lKPUZnEMRFZYwoozsL9Ti7wEIiNZfxomtz

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.en_US.IaibfYlP6rc.es5.O/d=1/rs=AJlcJMzm-c1qVe4uJJc9Q8c-bSJ7QSufKw/m=iabccpawebsignalscript

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8jE8q10v43hVMBJvFO8TZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8jE8q10v43hVMBJvFO8TZQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.kostenloses-gehaltskonto.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-8jE8q10v43hVMBJvFO8TZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-8jE8q10v43hVMBJvFO8TZQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 AGSKWxUyMhZEW4nZH5LBeG261FfNZO6TFnMv4KPAIyuQuxU_-IH10yHelTN7bv9sc3aG4gKqb98DjmOe9XxIYSZbk5fR8Tn9_JllnEn2RapyYQf1UccHaL5RWKMz8kZEMgWEV6UXyum8bJJYeU6linQPbxIjV1lKPUZnEMRFZYwoozsL9Ti7wEIiNZfxomtz Show response
fundingchoicesmessages.google.com/el/ 0
27 B 57ms
56ms XHR
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+Ml/a04FcZZgBm/L57XAZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+Ml/a04FcZZgBm/L57XAZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.kostenloses-gehaltskonto.info
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-+Ml/a04FcZZgBm/L57XAZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+Ml/a04FcZZgBm/L57XAZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxWO5IXdVViuj1N2sBOjK9JV69VJyF43mn_wou78PhBjDnwi2tLSTD1nsnTmRClbHoezncZNHbD7tFLGiWIys23jaDrRee-8nzyoDyMcCDNWHcOFzqMQnE09OS0oADvT7JQVrA79iar_LxFNPHItVhTRoWTS9rz0H2y5bM8k3xbAdBG5T9JxsKDG7plX Show response
fundingchoicesmessages.google.com/f/ 69 KB
25 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWO5IXdVViuj1N2sBOjK9JV69VJyF43mn_wou78PhBjDnwi2tLSTD1nsnTmRClbHoezncZNHbD7tFLGiWIys23jaDrRee-8nzyoDyMcCDNWHcOFzqMQnE09OS0oADvT7JQVrA79iar_LxFNPHItVhTRoWTS9rz0H2y5bM8k3xbAdBG5T9JxsKDG7plX?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMxMDcwMDM5LDUwMjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly93d3cua29zdGVubG9zZXMtZ2VoYWx0c2tvbnRvLmluZm8vIl0

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f8a6a29ff500eb70cb576a426aae9a3f1c003b4bdacd7abe57523cf1c17343b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VZ9vrKWlLi1VFBReGgeg3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VZ9vrKWlLi1VFBReGgeg3g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-VZ9vrKWlLi1VFBReGgeg3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-VZ9vrKWlLi1VFBReGgeg3g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F24 0
20 B 14ms
13ms Ping
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=39&version=r20210901&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&adk=1812271804&adf=3025194257&lmt=1631056680&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070039214&bpp=3&bdt=239&idt=73&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=600248889390&frm=20&pv=2&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=207

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 33ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210901&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8a60196ba070783797c4fae3d4df9c724bc2fb4c4acf410dfd76df035a2ef3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 03:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8455
x-xss-protection: 0

GET
H3-29 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/ 145 KB
52 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109010101/reactive_library_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d2b02eca4e6332789f66abc521c2ad55f0b0f10195faecc3f2c95202caa8113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53146
x-xss-protection: 0
server: cafe
etag: 14342998749682800385
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 31ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kostenloses-gehaltskonto.info

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 03:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kostenloses-gehaltskonto.info

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Sep 2021 03:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1799 88 KB
30 KB 545ms
544ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1206830b4792a25bcbe4d37d201c969547740be84b25e16c3b1c579ddc797dde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kostenloses-gehaltskonto.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kostenloses-gehaltskonto.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 08 Sep 2021 03:00:40 GMT
server: cafe
content-length: 30311
x-xss-protection: 0
set-cookie: IDE=AHWqTUkoIDs-6lvRhJhNglYm1m-FSXLMw8VWrsD99bC_KwdcwEQpiR-hSvKyfRanfZ0; expires=Mon, 03-Oct-2022 03:00:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 08 Sep 2021 03:00:40 GMT
cache-control: private

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 56ms
28ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H3-29 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/ Frame B9EF 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kostenloses-gehaltskonto.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kostenloses-gehaltskonto.info/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Sep 2021 19:57:03 GMT
expires: Tue, 21 Sep 2021 19:57:03 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 25417
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 e97fc1f500c2ba07d7ae78e11e245b27.js Show response
www.gstatic.com/mysidia/ Frame B9EF 7 KB
4 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e97fc1f500c2ba07d7ae78e11e245b27.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 13:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3150
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 06:59:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 13:38:57 GMT

GET
H2 200 657081d252e7e20d644f411c068fca8c.js Show response
www.gstatic.com/mysidia/ Frame B9EF 8 KB
3 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/657081d252e7e20d644f411c068fca8c.js?tag=text/vanilla_cta_animation_title_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 04:37:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 166987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3417
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 06:59:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 04:37:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B9EF 2 KB
616 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 01:47:01 GMT
server: ESF
date: Wed, 08 Sep 2021 03:00:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/ Frame B9EF 1 KB
937 B 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:22:26 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/ Frame B9EF 18 KB
8 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:47:14 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/ Frame B9EF 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:44:58 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9EF 122 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e252ba74aa8caecb5f589b938c9835c9c5bee271acd0db7f6fdaeaaa6f91f310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630694592982793"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/ Frame B9EF 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:35:50 GMT

GET
H2 200 550517e8bc13b6c9510094b6b7001d9c.js Show response
www.gstatic.com/mysidia/ Frame B9EF 26 KB
11 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/550517e8bc13b6c9510094b6b7001d9c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5469740595a44003b8884f40783d63ac3c9b57e1a00ad6f29c4fff55153717de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 08:35:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10776
x-xss-protection: 0
last-modified: Thu, 02 Sep 2021 17:32:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 06 Dec 2021 08:35:18 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 93CE 12 KB
5 KB 24ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kostenloses-gehaltskonto.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kostenloses-gehaltskonto.info/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 07 Sep 2021 22:52:47 GMT
expires: Wed, 07 Sep 2022 22:52:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 14873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8460 783 B
829 B 18ms
16ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

705f9f58c0bbc4fa3aea96fa6d851983c081310f722732c33a9ac160baed5541

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sHSVuV7KC5MJOKRpCmu5qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kostenloses-gehaltskonto.info/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.kostenloses-gehaltskonto.info/

Response headers

expires: Wed, 08 Sep 2021 03:00:40 GMT
date: Wed, 08 Sep 2021 03:00:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-sHSVuV7KC5MJOKRpCmu5qA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12248752810698652184/ Frame B9EF 1 KB
1 KB 13ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12248752810698652184/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1469bfac3cbb77919db3c1240a038ac2913058898231d9c02500eb68c4f99257

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 11:44:23 GMT
x-content-type-options: nosniff
age: 141377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1243
x-xss-protection: 0
last-modified: Fri, 03 Jul 2020 15:49:33 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Sep 2022 11:44:23 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame B9EF 0
0 18ms
18ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CBU2MVyc4YefXG5LLx_APs8-o4APk94r7ZJOY1vW9DpaCzYWIFhABIMODzwpglQKgAfbpzr8DyAEBqQKVeWpAXxKAPqgDAaoE2wFP0GCu0D1bsBExXXBM4pYE8GQOPXa7S1MpLsu-7kcyJb9ER31pSJtixAjGlkucBJ8_kHF1XIL22oIXNSSs3sWRIeGuDWrrh8--f0gLZbV4Y-yKXjoT-EVICNP4abDuYiciiqFsO6ElnbCEzOQ5qTh8VtL8Qm348C3WFzo9WDZvGG-CWkgyjJu6iC9skolYsvCh3qhWjBSw2vHf0MfEPFbAy3BaacjEmS-bjriFWLApyLFb9KrIercTqd64myM4YSfk3uekaeNT4R3IjUFs9woV8RlY_8E16ABWtLDABOGx9K_iA5IFBAgEGAGSBQQIBRgEgAfylbFAqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAfIHBRDmkbsB0ggJCIDhgBAQARgfgAoByAsB2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTI1NDM2MTY2ODUyNjQ2MzUYAA&sigh=bksRJIH95LA&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Sep 2021 03:00:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFBA 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 08 Sep 2021 02:02:16 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 3504
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B9EF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b77621fada04dda16329697bdf4775eabe231c6c836892112c1dcb3aaa708e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FFBA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210901/r20110914/zrt_lookup.html?fsb=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmv33brbiwVWMxxdRkeZ4iL1gvmoGUGuAyVujsp3wmJ7lrTTjHJG-b8rXoPvQ4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 08 Sep 2021 03:00:40 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 08-Sep-2021 04:00:40 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 08 Sep 2021 03:00:40 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 08 Sep 2021 03:00:40 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 rWlMBfa9MpU8odUgYO2XS-jQK_KO9aJyNzJvjgjzx8o.js Show response
pagead2.googlesyndication.com/bg/ Frame 93CE 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rWlMBfa9MpU8odUgYO2XS-jQK_KO9aJyNzJvjgjzx8o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad694c05f6bd32953ca1d52060ed974be8d02bf28ef5a27237326f8e08f3c7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 14:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13326
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 14:32:33 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 18ms
18ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210901&jk=3913625348242709&bg=!QUKlQgbNAAYJpm41CaY7ACkAdvg8WqH2gWarOfluI2ls8-Ls-TIwqSIH46KJhOGJH6fwjMEei8349wIAAABZUgAAAAtoAQcKAEyqW_wIleftOmFLEt8uclx0058J_UQtGd0kQjRiRLGPFyEGopl-cooYH8qqyncFYv5eQ5FPGg-ctFXFwNndY3nmAUfoSVy56tEqdsR3mQKPcbIJPEPZbzhCUmlsVw9rQPlNRc4AwRcMHLYEWAa1Uci1lFz1pNC2wWPSV-WdnygdDN8eUiCg9k4PU-EhjOIVVdAVyX7QvUoHSlNpDhXaQ3megq1usJlbUC_1Q7DT-2GGWPiVCBMxq5zzX33fzQbUoYkRTPyz52nTw4093Dcv2PC6LxIHDBqPt7SEn8Yg6hRJA-5dT_4psX-Z555tbAQkwV-GtXbltsAwIg9XrkFZJZlS4zc2EKv_APNeO5_KFUsu75maWBLdp78G3Z5j09DSqfUrkOEb-QWOJjtAIP7lPYJQCW2jphRHTwzMjzN3yT1e3ZftwL7uiHLHQtXTKTOfm_QAqjEHBdJ7gm0fRTzutkCYhURuekh3r1cGJVDY4z0RcMnku2IUc7gQux3MRg_bYJ9rxPB0L-NhYgJivWz25wU19gws54LvxHzXTP8Cldd5oNqFfoN3vGlgDFpa8Qt3_B1BGqa7ou74TzXYQZx2lAvlQ-tl3GlqATPVXddJ4bIdgwNXf1O57AX07--RgYTyXPDF2oFPEhnChrAGDLU3q3FXJzUYfFYUdcpYhVoXn4UoNnE4Y14aLlAKMe7fdmTBBWlmFdwjloklsDqsoplIBt8704a8LweRwYYw8Gf__lgMezl29qFXskupSJ4be4bbRySLJU9nlOTkgqRMV2Iz6glyb8eg6_vo00rwJrSHQzhZ47D3bhSdR9NSGfBA060Ws65WqTXMGS8MgJL8C3fhqAv9HxgkbU0qC4KI2fTLo4HW2Eb6wkYidsaooQy5hvPWtRAe0SSb0ZSKFil4quPfCcpqiZzrLDnAr1nyzlov-288daN56-NVEGXoeg3nHTG7WhYUeF7VqhnVR6NDxn9tWA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kostenloses-gehaltskonto.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 1799 3 KB
651 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 01:46:39 GMT
server: ESF
date: Wed, 08 Sep 2021 03:00:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/ Frame 1799 1 KB
891 B 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:22:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:22:26 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/ Frame 1799 18 KB
7 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 806
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:47:14 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/ Frame 1799 2 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:44:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1799 122 KB
37 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e252ba74aa8caecb5f589b938c9835c9c5bee271acd0db7f6fdaeaaa6f91f310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:40 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630694592982793"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/ Frame 1799 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210901/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 02:35:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6183
x-xss-protection: 0
server: cafe
etag: 901432759052127119
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Sep 2021 02:35:50 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1799 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSgtS2T_E0Z_9qeDdIa75rsHBQlSEvJPdGxVjBQfDf7Tvyd2mAKSJI0S71D6S6-6tvjo2AYfWEQcybcn92BkcA9u_LOIA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 8b8c639f95e935c054a6465040a495ee.js Show response
www.gstatic.com/mysidia/ Frame 1799 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b8c639f95e935c054a6465040a495ee.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 22:08:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103920
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10883
x-xss-protection: 0
last-modified: Fri, 03 Sep 2021 02:45:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Dec 2021 22:08:40 GMT

GET
H3-29 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6769205953573135288/ Frame 1799 53 KB
53 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6769205953573135288/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

319e665d854d370e60396a0d09e854ad737ab804a86895a5a289f2c2d2ed1fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 11:05:46 GMT
x-content-type-options: nosniff
age: 402894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53864
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:50:52 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Sep 2022 11:05:46 GMT

GET
DATA 200
OK truncated
/ Frame 1799 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9782d217d5e1b45e6f769e8aa0dceb5e6acf7dbbeddecf31ad2377581516c2fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1799 0
0 17ms
16ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV_oVWCc4Yen5A8q9x_APv5qX6AThpbrlY9DR6LCaDrSmyKu4JRABIMODzwpglQKgAaeSt8ADyAEJqQIrrnCWz92zPqgDAcgDywSqBNwBT9ALJSdc5XK3kNgVHtfQbLkOuDPLpZN3Zc90WrGGLxINVFKbUzihehfYhgVL3nRmvIrDieLTVjqhwzqMBUfTjvcC31JVGZHJE8YsQPMriZMY88gPc798Fbl2oufqpkLxesmmw0yeBXmmTu72qtawZhbPLYUqIzjbUGgQ4CtRFDg639ntYIdqqEM0EajzVoBbLG_NyHARMg5x3zfGqyBakJIbWYV9idLY_JszT-g7e5FD65qM7mlwP3eB_cusjsdtW_NCAShRF8M93duab0qS3_rFFvN_qHchhN1_EMAEgbyhyNMDkgUECAQYAZIFBAgFGASgBi6AB_WCj_8BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G9gHAPIHBBDtqBnSCAkIgOGAEBABGB-ACgHICwG4E4gn2BMMiBQH0BUBgBcBshccChoIABIUcHViLTI1NDM2MTY2ODUyNjQ2MzUYAA&sigh=-No70ZUSyWo&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 08 Sep 2021 03:00:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 08 Sep 2021 03:00:40 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4910 1 KB
864 B 6ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 07 Sep 2021 21:06:15 GMT
expires: Wed, 08 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 21265
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1799 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa63a02922dbda0e9d12c3c3eba6f8c72f5a2634291eb0fc4499e63f7abe3e3e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1799 21 KB
21 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 65795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 08:44:05 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 1799 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 82343
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 04:08:17 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4910 35 B
463 B 781ms
28ms Image
image/gif 91.228.74.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAnAqmtP77m-o85OddMA9_g&google_cver=1&google_push=AYg5qPKM503UKzH-Z8p9gqaTlLLnID5r7Am85W5QaeAbchClV17cP9tA9I8yXX8cMfQVSP7z6adiTbIaz3Fx3mKM-oVZEMh04_dR

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.198 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4910
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESELeQwyBthFjwDideC0Ktgyg&google_cver=1&google_push=AYg5qPJs69DkSWTq-YynUMPikeVzkF5vWPKx1FG_Dpt75vrzApFrCZEwL7KlT0po3OiKXZEapJs-dtD8kFM4mIN8nlCni7pPll0a
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJs69DkSWTq-YynUMPikeVzkF5vWPKx1FG_Dpt75vrzApFrCZEwL7KlT0po3OiKXZEapJs-dtD8kFM4mIN8nlCni7pPll0a&google_hm=Q0FFU0VMZVF3eUJ0aEZqd...

170 B
188 B

31ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJs69DkSWTq-YynUMPikeVzkF5vWPKx1FG_Dpt75vrzApFrCZEwL7KlT0po3OiKXZEapJs-dtD8kFM4mIN8nlCni7pPll0a&google_hm=Q0FFU0VMZVF3eUJ0aEZqd0RpZGVDMEt0Z3ln

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 08 Sep 2021 03:00:40 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPJs69DkSWTq-YynUMPikeVzkF5vWPKx1FG_Dpt75vrzApFrCZEwL7KlT0po3OiKXZEapJs-dtD8kFM4mIN8nlCni7pPll0a&google_hm=Q0FFU0VMZVF3eUJ0aEZqd0RpZGVDMEt0Z3ln
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4910
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJARDvS...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJARDvS...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDgwMzAwNDEwMDA0ODEyMzI4MzU0OA%3D%3D&google_push=AYg5qPJARDvSd96QzMB50Zlsp2VPbLyO901CfsEfbo8-jOuP1s9f_8DmWBdJmgQX0SlQBd...

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDgwMzAwNDEwMDA0ODEyMzI4MzU0OA%3D%3D&google_push=AYg5qPJARDvSd96QzMB50Zlsp2VPbLyO901CfsEfbo8-jOuP1s9f_8DmWBdJmgQX0SlQBd1VY_omyHXy2cL-f9F51nKG6Ne9ggqZ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDgwMzAwNDEwMDA0ODEyMzI4MzU0OA%3D%3D&google_push=AYg5qPJARDvSd96QzMB50Zlsp2VPbLyO901CfsEfbo8-jOuP1s9f_8DmWBdJmgQX0SlQBd1VY_omyHXy2cL-f9F51nKG6Ne9ggqZ
pragma: no-cache
date: Wed, 08 Sep 2021 03:00:41 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 08 Sep 2021 03:00:41 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4910
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEC6Wr-NR4N0cut6UGmdqeIc&google_cver=1&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo
https://rtb.openx.net/sync/dds?google_gid=CAESEC6Wr-NR4N0cut6UGmdqeIc&google_cver=1&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo&google_hm=ouR377qVy-Qf27_kdTlBFg==

170 B
188 B

18ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo&google_hm=ouR377qVy-Qf27_kdTlBFg==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:40 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL00RwTmxcTFvFaVVPVliy--7GXdoEOUKqas4OaVYB3MWCo7P7VDzBmbHi5haFVCPyAS63YRt_gWY0Q2YoW-tHIwVOpvBo&google_hm=ouR377qVy-Qf27_kdTlBFg==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: llu917t5npl99he68eohtrfc5psi63o2

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4910
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q05ShEduRyOs1qtbeyf00w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q05ShEduRyOs1qtbeyf00w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLunWuR2B4KbrnMgDdQUs_i4WoNyhF2ExRyw_yLcuwWOxdoi37CcN1iW9zgRNMZubbD5oH1KfYQeG0rCwOaDIrcndckFfUE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q05ShEduRyOs1qtbeyf00w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLunWuR2B4KbrnMgDdQUs_i4WoNyhF2ExRyw_yLcuwWOxdoi37CcN1iW9zgRNMZubbD5oH1KfYQeG0rCwOaDIrcndckFfUE
date: Wed, 08 Sep 2021 03:00:40 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 4910
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIcgOJPDJWBlj8Fulb6LKEI&google_cver=1&google_push=AYg5qPJE4F7cylOAsanDxZ1hr7r1UJThNy1ALL1mSonGvKWjwOKgyP3zsk7XMaM7_b1hJP-woaN...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RBV1pNODktMUotOERFOQ==&google_push=AYg5qPJE4F7cylOAsanDxZ1hr7r1UJThNy1ALL1mSonGvKWjwOKgyP3zsk7XMaM7_b1hJP-woaN7OzWAQcjqcHFxM3L_1VpamplT

170 B
188 B

32ms
18ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RBV1pNODktMUotOERFOQ==&google_push=AYg5qPJE4F7cylOAsanDxZ1hr7r1UJThNy1ALL1mSonGvKWjwOKgyP3zsk7XMaM7_b1hJP-woaN7OzWAQcjqcHFxM3L_1VpamplT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1RBV1pNODktMUotOERFOQ==&google_push=AYg5qPJE4F7cylOAsanDxZ1hr7r1UJThNy1ALL1mSonGvKWjwOKgyP3zsk7XMaM7_b1hJP-woaN7OzWAQcjqcHFxM3L_1VpamplT
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4910
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPB...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4910 0
244 B 42ms
15ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbFzkokl5XhKUbUAm-KvXq08BWIo3llUl7J5w6kRkAXGhlr_YOZ1RVuchveioY3olqsFot

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 03:00:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 rWlMBfa9MpU8odUgYO2XS-jQK_KO9aJyNzJvjgjzx8o.js Show response
pagead2.googlesyndication.com/bg/ Frame 3136 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rWlMBfa9MpU8odUgYO2XS-jQK_KO9aJyNzJvjgjzx8o.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-2543616685264635&output=html&h=280&adk=1341286740&adf=1432020658&pi=t.aa~a.456865971~i.33~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1631056680&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8070071204&tp=site_kit&psa=0&ad_type=text_image&format=1200x280&url=https%3A%2F%2Fwww.kostenloses-gehaltskonto.info%2F&flash=0&fwr=0&pra=3&rh=200&rw=1205&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1631070040030&bpp=3&bdt=1055&idt=3&shv=r20210901&mjsv=m202109010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db0ad9ed43d4bd537-225dccb4e2ca0083%3AT%3D1631070039%3ART%3D1631070039%3AS%3DALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ&prev_fmts=0x0&nras=2&correlator=600248889390&frm=20&pv=1&ga_vid=1494432372.1631070039&ga_sid=1631070039&ga_hid=330435743&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=2617&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31060048%2C31062297&oid=3&pvsid=3913625348242709&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Fce4vHVuyF&p=https%3A//www.kostenloses-gehaltskonto.info&dtd=13

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad694c05f6bd32953ca1d52060ed974be8d02bf28ef5a27237326f8e08f3c7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 14:32:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44887
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13326
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 14:32:33 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B9EF 42 B
64 B 21ms
18ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvDptRrekyHo4dElHLWdsQbMIb8p5zQ4C69ips0IsveFMrQDFwiPFhMNZktKjbjlQrNXkQApqbWcyaugcRYYymSdmIemGh7JGTBmOWG5gc-G07Y315r-25q_5tPw&sai=AMfl-YSXYpWdpEqhiWspIzFtfEziFLR4136y0PqbXTj3f6iCWcp_Z7IUlry3amxn-s84MFoXajFSLWW9NYO4&sig=Cg0ArKJSzDOZ8ouzqLulEAE&id=lidar2&mcvt=1017&p=1103,298,1227,1303&mtos=95,742,1017,1150,1250&tos=95,647,275,133,100&v=20210903&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1631070040069&rpt=152&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Sep 2021 03:00:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YTgnWCTQOZCQbVGvfwwVsAAABKwAAAIB&google_gid=CAESEGJ2VMsko2GmTNfTqnBAG8U&google_cver=1&google_push=AYg5qPJGnz4vObxeC6a4-juOoHjZ8zYCxVQPBUlPukLKSGvjHnejR0Muci_ARwt1Rx6c56tizrcosCIbNgQVxSEVWWCP9qHzbQW8

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 21:04:30	Name: test_cookie Value: CheckForPermission
.kostenloses-gehaltskonto.info/	1970-01-20 06:26:06	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1631070039397],null,null]
.kostenloses-gehaltskonto.info/	1970-01-20 06:26:06	Name: __gads Value: ID=b0ad9ed43d4bd537-225dccb4e2ca0083:T=1631070039:RT=1631070039:S=ALNI_MaxLC90CLfsH2xNPcvam6UIiRjEwQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.kostenloses-gehaltskonto.info/wp-content/cache/wpfc-minified/2mtuovpc/a3ozg.js(Line 7) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad13.adfarm1.adition.com
adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
image6.pubmatic.com
imagesrv.adition.com
kostenloses-gehaltskonto.info
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
rtb.openx.net
tpc.googlesyndication.com
www.financeads.net
www.fndsda.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.kostenloses-gehaltskonto.info
cm.g.doubleclick.net
104.111.215.191
142.250.185.66
142.250.185.98
18.195.172.136
185.64.190.78
217.79.188.10
217.79.188.54
2a00:1450:4001:801::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a01:488:42:1000:57e6:68d2:a:18a3
35.186.253.211
69.173.144.138
85.13.154.215
85.199.80.233
91.228.74.198
03f53060bae589b5abaacc33187ca111bb50becfe726bf03c28b5aeb30302ad0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5
11ccc0a424aecd62bfd266bdd4e9219a3c7cf7d3489b401699d636ec4bb8f26c
1206830b4792a25bcbe4d37d201c969547740be84b25e16c3b1c579ddc797dde
1469bfac3cbb77919db3c1240a038ac2913058898231d9c02500eb68c4f99257
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194fb35f86c6693a5fe90ddc958e4ee5cde739a0727cb982b4d8ba65b7c60796
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b77621fada04dda16329697bdf4775eabe231c6c836892112c1dcb3aaa708e7
1ef564b89fc8b8baa6609f30535c85a5f7e793f16879169cbf7a8987fd85405d
22746a14e8cc7bd60d7aa6abe86d65fb0415846739b2a46c818509f39edd553f
294250100f6d8e424a4e75c49539f5281bd308b22039e01f1cc86f94dee17e79
319e665d854d370e60396a0d09e854ad737ab804a86895a5a289f2c2d2ed1fdc
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
42dc9aece188c290c3303813e9f91c1d596f1267899f3b3357280be43c16ab53
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4bbffa1acf6a9075afa65f56d16c43d166357319fd23eed5b196c5a6ebc7bccf
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5469740595a44003b8884f40783d63ac3c9b57e1a00ad6f29c4fff55153717de
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c6d205e00151c569fa7befdff412e63efc57b98256e9e2f81be98b45e4759f0
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
705f9f58c0bbc4fa3aea96fa6d851983c081310f722732c33a9ac160baed5541
731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7a10f5b0983a5030c2624a206bc486e370909c27849f7cbecb7c06fcaa6920c9
7a24ae8b0781e79b1049799806f6b836b4dc8a7cb5e6bdc218bc527fabef0a89
7ab0dedbc6ec3d4d93dce2f047b634bb655782bf46fee848d63e571d26ce4131
7d2b02eca4e6332789f66abc521c2ad55f0b0f10195faecc3f2c95202caa8113
7e6cfcd0eeff652443341f02008abd4bda6e1f0a61051ee16bfb95b825e030cd
8a62462c9d59233753c6196a3fce0ea5b1261f404324d2463ed30eefdba68164
8f8a6a29ff500eb70cb576a426aae9a3f1c003b4bdacd7abe57523cf1c17343b
96b66b881e6ba46816cf5bec349223db437dc39c7878788f22e94f36a37dfbea
9782d217d5e1b45e6f769e8aa0dceb5e6acf7dbbeddecf31ad2377581516c2fc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8a60196ba070783797c4fae3d4df9c724bc2fb4c4acf410dfd76df035a2ef3e
aa63a02922dbda0e9d12c3c3eba6f8c72f5a2634291eb0fc4499e63f7abe3e3e
ad694c05f6bd32953ca1d52060ed974be8d02bf28ef5a27237326f8e08f3c7ca
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c430f644efb55920d9c3d0534971f41cba4f896ab5e58b91e588decf05972731
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c5cef8b108e3cc91a217027830a3ed8aebacc112698edc216f42dd1acf8fe690
d4ba8a0e32b18363b0f4d5d4c6834394bc221906943c85d379b266ea6fc94e1a
d8f8cdb5aeedf4b9737a05e36cdff6236915390471280befa4ead41179bdd408
db5b0322622e261d0b5e4402fd562ea9b734e8c3bb4e9b15e1e9896d7d2c9d06
e252ba74aa8caecb5f589b938c9835c9c5bee271acd0db7f6fdaeaaa6f91f310
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f91c0368ad1a0e7d13c698b8386d77446632e1eab541eba9a1e8ca08ba80257e
fecb5df18e8faa43dc3aa3f49ffd7224c84e378eb7514326a9ca3757a42daf35

www.kostenloses-gehaltskonto.info Open in urlscan Pro 85.13.154.215 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

78 Requests

99 %HTTPS

50 %IPv6

18 Domains

25 Subdomains

18 IPs

3 Countries

1003 kBTransfer

2187 kBSize

3 Cookies

2 Outgoing links

Redirected requests

78 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kostenloses-gehaltskonto.info Open in urlscan Pro
85.13.154.215 Public Scan

Screenshot
Live screenshot

Full Image

78
Requests

99 %
HTTPS

50 %
IPv6

18
Domains

25
Subdomains

18
IPs

3
Countries

1003 kB
Transfer

2187 kB
Size

3
Cookies

78 HTTP transactions
3 data transactions