powershelltutorial.net Open in urlscan Pro
2606:4700:3033::ac43:adc9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://powershelltutorial.net/
Submission Tags: falconsandbox
Submission: On June 01 via api (June 1st 2022, 11:16:04 pm UTC) from US — Scanned from DE

Summary HTTP 167 Redirects Links 58 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 22 domains to perform 167 HTTP transactions. The main IP is 2606:4700:3033::ac43:adc9, located in United States and belongs to CLOUDFLARENET, US. The main domain is powershelltutorial.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time powershelltutorial.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3033::ac43:adc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5 18	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5 7	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.89.28.165 104.89.28.165	16625 (AKAMAI-AS) (AKAMAI-AS)
17	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4007:812::2003	15169 (GOOGLE) (GOOGLE)
2	108.177.15.155 108.177.15.155	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	108.128.215.255 108.128.215.255	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:19::9	15169 (GOOGLE) (GOOGLE)
167	30

12 2606:4700:3033::ac43:adc9 (United States)

ASN13335 (CLOUDFLARENET, US)

powershelltutorial.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.102.29.65 (Milan, Italy) 5 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.22 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4007:812::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.177.15.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.215.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:19::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5ednds.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	490 KB
36	doubleclick.net 6 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 191 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 271 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 bid.g.doubleclick.net — Cisco Umbrella Rank: 473	182 KB
23	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 242 gcdn.2mdn.net — Cisco Umbrella Rank: 886 r4---sn-4g5ednds.c.2mdn.net — Cisco Umbrella Rank: 608084	2 MB
17	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	205 KB
12	powershelltutorial.net powershelltutorial.net	332 KB
10	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 imasdk.googleapis.com — Cisco Umbrella Rank: 381	253 KB
7	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494	6 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 564	2 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 348 rtb.openx.net — Cisco Umbrella Rank: 1376	834 B
4	google.de adservice.google.de — Cisco Umbrella Rank: 8526 www.google.de — Cisco Umbrella Rank: 6117	2 KB
3	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 555	634 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 214	3 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 306	920 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 936	795 B
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 286	17 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 918	344 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	86 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 818	78 KB
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 2982	375 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 840	356 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	650 B
167	22

	Domain	Requested by
29	pagead2.googlesyndication.com	powershelltutorial.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
20	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com pagead2.googlesyndication.com
17	s0.2mdn.net	powershelltutorial.net s0.2mdn.net
17	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net powershelltutorial.net
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	powershelltutorial.net	powershelltutorial.net
11	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	powershelltutorial.net s0.2mdn.net googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	r4---sn-4g5ednds.c.2mdn.net
4	image6.pubmatic.com	4 redirects
4	csi.gstatic.com	imasdk.googleapis.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	googleads4.g.doubleclick.net	powershelltutorial.net
3	id.rlcdn.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	gcdn.2mdn.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	ssl.google-analytics.com	1 redirects powershelltutorial.net
2	www.gstatic.com	s0.2mdn.net
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	use.fontawesome.com	powershelltutorial.net use.fontawesome.com
1	pixel.everesttech.net	1 redirects
1	odr.mookie1.com	googleads.g.doubleclick.net
1	www.google.de	powershelltutorial.net
1	stats.g.doubleclick.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
167	36

This site contains links to these domains. Also see Links.

Domain
www.powershelltutorial.net

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-05-24` - `2022-08-02`	2 months	crt.sh

This page contains 21 frames:

Primary Page: https://powershelltutorial.net/
Frame ID: 52431E6E9C5ADDEF9AF54DE136FDFC8B
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/zrt_lookup.html
Frame ID: F6760A97520965FA9D2E755A8F8D9B3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=50&slotname=9602653203&adk=3525354311&adf=781818832&pi=t.ma~as.9602653203&w=320&lmt=1654125358&psa=0&format=320x50&url=https%3A%2F%2Fpowershelltutorial.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358143&bpp=2&bdt=1377&idt=78&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&correlator=1472136115649&frm=20&pv=2&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=265&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ALXRTHu72i&p=https%3A//powershelltutorial.net&dtd=93
Frame ID: 6772A01AD70B20982BFD08F442B2FFD5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=404996203&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358146&bpp=2&bdt=1381&idt=97&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JT9mOeo1EK&p=https%3A//powershelltutorial.net&dtd=102
Frame ID: 6446357220F17CFFB0FB8DBC6992F616
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106
Frame ID: 0AD182A779A5C1B72688779865020048
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGIn85sYBMAE&v=APEucNWSa-GuhMjQMtpJupigQirYYvcuW6CjPGuacDNu9Znvb32ByyTuhL-PZbVvGxhdnoY0ATaWK7m3SZQxKuUnN9PJPaan6jq29JdssCf3w6UHmVg2RQ8V9xrgLfYBs4iWPi5rMd4AXHElyYS6FbXIOlCRFONW1r4oTIwztHKMpxcUqUJQ420
Frame ID: EFFDCA2AE412D0A09D6909E07CCAAF47
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGNuE3cYBMAE&v=APEucNWMkb8aLd-B2_elW-ojgXkwTlXPhpKyE2kXijOGehejQbu4CMPsxb4Y_ZSpBFawhAHinQPsb8lZSSGt4P4jkqRhiYhK5uCgCyWNi8zPwDOhqWqFnF-zLEyPWf_QFIshAoq4wWbCvrUzGi7ouOF93BFVrstmA8lhPlcHA8IYASVnkQxOSN8
Frame ID: 7F76E699CA8934509ABD0CA8EC3BB540
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: ED1F2469BD3EF15E54F48678BF282525
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
Frame ID: 4990F2B339038D3E43E3512B5C0EC42D
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7623A1EDBA42487B78ED4E85CFC09B77
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247
Frame ID: C204F842C6BE4F2C67DCB7234F37E0D7
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&adk=1812271804&adf=3025194257&lmt=1654125358&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpowershelltutorial.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358846&bpp=1&bdt=2080&idt=0&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280&nras=1&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=8
Frame ID: 6C546E699D3A73E781A84169B63F6ED7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&adk=3840153724&adf=3739818646&pi=t.aa~a.2138233492~rp.4&w=853&fwrn=4&fwrnh=100&lmt=1654125359&rafmt=1&to=qs&pwprc=6911098237&psa=1&format=853x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125359068&bpp=2&bdt=2303&idt=2&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280%2C0x0&nras=2&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=aYFxVC88sA&p=https%3A//powershelltutorial.net&dtd=17
Frame ID: 4ED2A01C8B9F75CAD2F153C67341F14E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1
Frame ID: B0E79AB973DAB633877ADD063754AFCD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite_fy2021.js
Frame ID: D61107466CB846BED51BD4BC05D36B58
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C661EA3A19F86C9FEF015ABE37C43692
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3098EFA288A58A81C6A4E9D4721C7AA7
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: D28D922023504229E29414A2588810AA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3A15ED4A1B03E9DA5EE752EDEAF31CFD
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBFCD0BD2BD9C04BC0B1B69C9C8E6981
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3C20A14B6235DE7651D8325320C30D5B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Windows PowerShell Tutorial for Beginners with examples

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

89 %
HTTPS

62 %
IPv6

22
Domains

36
Subdomains

30
IPs

6
Countries

4180 kB
Transfer

8004 kB
Size

20
Cookies

58 Outgoing links

These are links going to different origins than the main page.

URL: http://www.powershelltutorial.net/
Title: Poweshell Tutorial Online

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/index.aspx
Title: Tutorials

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/FileSystem/Powershell-With-FileSystem
Title: File System

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/Language/Powershell-Language-HowTo
Title: Learn PS

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/Scripting/index
Title: Scripting

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/technology/index
Title: PS With Technology

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/Commands/script/
Title: Commands

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/v3/
Title: V6

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/SysAdmin/
Title: Admin

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/ActiveDirectory/
Title: AD

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/questions/powershell-interview-questions/
Title: Questions

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/string/powershell-select-string
Title: String Operations

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/Ps-Script/index.aspx
Title: Tutorials

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/accessing-the-alias-drive-in-powershell-3.aspx
Title: Accessing the alias drive in powershell 3

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/adding-functions-to-the-powershell-ise-menu.aspx
Title: Adding functions to the powershell ise menu

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/basic-line-editing-tricks-powershell.aspx
Title: Basic line editing tricks powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/breaking-down-a-powershell-script.aspx
Title: Breaking down a powershell script

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/casting-values-in-powershell.aspx
Title: Casting values in powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/changing-powershells-look-and-feel.aspx
Title: Changing powershells look and feel

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/constant-and-read-only-variables.aspx
Title: Constant and read only variables

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/create-xml-variable-powershell.aspx
Title: Create xml variable powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/creating-aliases-in-powershell.aspx
Title: Creating aliases in powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/creating-and-changing-a-powershell-profile.aspx
Title: Creating and changing a powershell profile

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/creating-persistent-aliases-in-powershell.aspx
Title: Creating persistent aliases in powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/customizing-the-ise-in-powershell.aspx
Title: Customizing-the-ise-in-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/deleting-aliases-in-powershell.aspx%3EDeleting-aliases-in-powershell%3C/a%3E%20%3C/li%3E%3Cli%3E%3Ca%20href=
Title: Download-file-website-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/getting-acquainted-with-the-ise.aspx
Title: Getting-acquainted-with-the-ise

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/getting-the-right-output-in-powershell.aspx
Title: Getting-the-right-output-in-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/getting-to-know-tab-expansion.aspx
Title: Getting-to-know-tab-expansion

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/growing-arrays-dynamically-in-powershell.aspx
Title: Growing-arrays-dynamically-in-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/handling-complex-powershell-scripts.aspx
Title: Handling-complex-powershell-scripts

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/hashtables-in-windows-powershell.aspx
Title: Hashtables-in-windows-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/how-to-impersonate-someone-in-powershell.aspx
Title: How-to-impersonate-someone-in-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/how-to-use-powershells-invoke-wmimethod.aspx
Title: How-to-use-powershells-invoke-wmimethod

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/installing-windows-powershell-2.aspx
Title: installing-windows-powershell-2

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/query-xml-data-powershell.aspx
Title: query-xml-data-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/stringing-powershell-commands-together-2.aspx
Title: Stringing-powershell-commands-together-2

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/understanding-automatic-variables-in-powershell.aspx
Title: Understanding-automatic-variables-in-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/understanding-if-else-statements-in-powershell.aspx
Title: Understanding-if-else-statements-in-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/understanding-powershell-commands.aspx
Title: Understanding-powershell-commands

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/understanding-powershell-operators.aspx
Title: Understanding-powershell-operators

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/understanding-powershell-variables-and-datatypes.aspx
Title: Understanding-powershell-variables-and-datatypes

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/understanding-the-windows-management-instrumentation-wmi-part-ii.aspx
Title: Understanding-the-windows-management-instrumentation-wmi-part-ii

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/understanding-the-windows-management-instrumentation-wmi.aspx
Title: Understanding-the-windows-management-instrumentation-wmi

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-loops-in-powershell-part-i.aspx
Title: Using-loops-in-powershell-part-i

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-loops-in-powershell-part-ii.aspx
Title: Using-loops-in-powershell-part-ii

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-loops-in-powershell-part-iii.aspx
Title: Using-loops-in-powershell-part-iii

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-loops-in-powershell-part-iv.aspx
Title: Using-loops-in-powershell-part-iv

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-loops-in-powershell-part-v.aspx
Title: Using-loops-in-powershell-part-v

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-pipelines-to-streamline-powershell-commands.aspx
Title: Using-pipelines-to-streamline-powershell-commands

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-regular-expressions-in-powershell-part-i.aspx
Title: Using-regular-expressions-in-powershell-part-i

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/using-the-switch-statement-in-powershell.aspx
Title: Using-the-switch-statement-in-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/working-binary-powershell.aspx
Title: Working-binary-powershell

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/working-with-powershell-objects-via-variables.aspx
Title: Working-with-powershell-objects-via-variables

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/PS-Script/writing-your-first-powershell-command.aspx
Title: Writing-your-first-powershell-command

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/home/Disclaimer/
Title: privacy policy

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/Home/disclaimer
Title: Disclaimer

Search URL Search Domain Scan URL

URL: http://www.powershelltutorial.net/sitemap.html
Title: sitemap

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOHWHtsJ7xXlQYc2LaJTW7g&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOHWHtsJ7xXlQYc2LaJTW7g&google_cver=1&C=1

Request Chain 42

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpfzLo7J7Du3QgK2tN7yrwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgBbwW9PgPM_13ss5f4Doc&google_cver=1

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEENrZ5IcIMperqUDq5hVTtw&google_cver=1

Request Chain 44

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU4NTk1ODEyMDk0Nzc3NjQxOQ%3D%3D

Request Chain 45

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHT7CmJBHdzRRhiRY4DICIc&google_cver=1

Request Chain 47

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEK48azteIFmCYxGkfDLwN1Y&google_cver=1

Request Chain 85

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1988243107&utmhn=powershelltutorial.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Windows%20PowerShell%20Tutorial%20for%20Beginners%20with%20examples&utmhid=994296361&utmr=-&utmp=%2F&utmht=1654125358897&utmac=UA-39345382-1&utmcc=__utma%3D149908535.1068015053.1654125358.1654125358.1654125358.1%3B%2B__utmz%3D149908535.1654125359.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=952446340&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107&slf_rd=1&random=4153357481

Request Chain 118

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIiMCuT9Sr7Ht8B3Zu5CoGo9NNpJDsS1o1D5XcU7QHQ2czEfGAJq3hP_GRghWT-A5xPKsZHA_bFdBO3Y48X_bTTWvWpBsPZ&google_gid=CAESEBK8JEuG7G23b_Cl8dSA9Ys&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK_m35QGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJaU1DdVQ5U3I3SHQ4QjNadTVDb0dvOU5OcEpEc1MxbzFENVhjVTdRSFEyY3pFZkdBSnEzaFBfR1JnaFdULUE1eFBLc1pIQV9iRmRCTzNZNDhYX2JUVFd2V3BCc1Ba HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc3I1NFJvb09mcTZWSmtacWlyYnF4aXdGX2VseHRjcld4Qm5EbGRWRUlFSQ==&google_push

Request Chain 121

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEnHpXYWMepOttrYqW55GJQ&google_cver=1&google_push=AYg5qPK_6npxPQG5BuIhpvJGLJAHA6mG3u0LoPm7ic2Bp9wJVlijBoIelnCZHBCHszrBinfX3Xa0lmOuIiAsAS8o54mndqFyOHCd HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEnHpXYWMepOttrYqW55GJQ&google_cver=1&google_push=AYg5qPK_6npxPQG5BuIhpvJGLJAHA6mG3u0LoPm7ic2Bp9wJVlijBoIelnCZHBCHszrBinfX3Xa0lmOuIiAsAS8o54mndqFyOHCd&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzOZgSecQ0yIg3QOoLssrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_6npxPQG5BuIhpvJGLJAHA6mG3u0LoPm7ic2Bp9wJVlijBoIelnCZHBCHszrBinfX3Xa0lmOuIiAsAS8o54mndqFyOHCd

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUnHfQQ-sUjUtouSFzBVk8&google_cver=1&google_push=AYg5qPL8WkWpLUcP6t4WnZcSlIYi0IkwWjFIHUP_4rIktiSI8VTJSaRRizaFG52CONktqt-nyhvhyH5cw6HeE69IzfBEb4Gz5Ok HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVDEtMjAtRjgzVA==&google_push=AYg5qPL8WkWpLUcP6t4WnZcSlIYi0IkwWjFIHUP_4rIktiSI8VTJSaRRizaFG52CONktqt-nyhvhyH5cw6HeE69IzfBEb4Gz5Ok

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_cver=1&google_push=AYg5qPLLiZKM9tpR-LVoh3b-mUCfhQr4kLqq30Efm2l1UvHY60NNJGv1-T02BmoPuJezQqvk7dT8rQu-X1vBNPxMMiE1F9hSe9ku HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_push=AYg5qPLLiZKM9tpR-LVoh3b-mUCfhQr4kLqq30Efm2l1UvHY60NNJGv1-T02BmoPuJezQqvk7dT8rQu-X1vBNPxMMiE1F9hSe9ku&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_cver=1

Request Chain 139

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPxK2qz7b4DxKHRpLhFl5sY&google_cver=1&google_push=AYg5qPIpiKRp3-YexVQ6cJlBVwGazj4049Shk8rzU61hrhqETYNK2halvrUVjqKoYkZTWj6PT6xACCpYSniZqMH_B4uSFFm8n2M HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIpiKRp3-YexVQ6cJlBVwGazj4049Shk8rzU61hrhqETYNK2halvrUVjqKoYkZTWj6PT6xACCpYSniZqMH_B4uSFFm8n2M&google_hm=cQDE9MNdT48HoUgUJJzcjA

Request Chain 140

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKajU5NfjYGz91m81sYY2cddiAkReq52uBNhFfJ27xFgMZiZCUssRP0P7ewMgcZlCAb0bVjPVfzJi8pebRbu-mEkafAYOI&google_gid=CAESEFDZ_7zh7lo7fxr4Vn3HODk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBmekx3QUFCRnZGRERmWA&google_push=AYg5qPKajU5NfjYGz91m81sYY2cddiAkReq52uBNhFfJ27xFgMZiZCUssRP0P7ewMgcZlCAb0bVjPVfzJi8pebRbu-mEkafAYOI

Request Chain 143

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEnHpXYWMepOttrYqW55GJQ&google_cver=1&google_push=AYg5qPIgrsGefwnyVHYf8GGSJfo8TdjMnk-amv1M6O9e8Bump5jqoctEMB1gzsoAwIg4FDdVaLkzpEtVqhS-KPRfarc8UZQVYHs HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEnHpXYWMepOttrYqW55GJQ&google_cver=1&google_push=AYg5qPIgrsGefwnyVHYf8GGSJfo8TdjMnk-amv1M6O9e8Bump5jqoctEMB1gzsoAwIg4FDdVaLkzpEtVqhS-KPRfarc8UZQVYHs&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdcIFUHASoqCq_bj3Jxe2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgrsGefwnyVHYf8GGSJfo8TdjMnk-amv1M6O9e8Bump5jqoctEMB1gzsoAwIg4FDdVaLkzpEtVqhS-KPRfarc8UZQVYHs

Request Chain 144

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUnHfQQ-sUjUtouSFzBVk8&google_cver=1&google_push=AYg5qPIzBIFet6Dv6Mhvmncwpv3HQxuNO8eGfV9JY5jdeRxQRQTf60X0LvNP_OYkLx6wF4krY4jJTTWIHqj9-Xn3AqDLScFfvqs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVEMtMVEtQTJWRQ==&google_push=AYg5qPIzBIFet6Dv6Mhvmncwpv3HQxuNO8eGfV9JY5jdeRxQRQTf60X0LvNP_OYkLx6wF4krY4jJTTWIHqj9-Xn3AqDLScFfvqs

Request Chain 145

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_cver=1&google_push=AYg5qPJBJsaSlX9pc4x9QqhvF1SoNNZBBE1osupgA98cVbfendGhfSwnYDXaAskEq82KJtrZb9qGplUkMWeA6nvwkFCgv-vNcRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_cver=1&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_push=AYg5qPJBJsaSlX9pc4x9QqhvF1SoNNZBBE1osupgA98cVbfendGhfSwnYDXaAskEq82KJtrZb9qGplUkMWeA6nvwkFCgv-vNcRk

Request Chain 148

https://gcdn.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/3154D153C864D0871576E2D73949918F70EE2C9B.78169872160F1D5B9333E58DF99BBE32A46D9071/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3FA77AB26DD3AD6521DD773E779CBEBBA7E2665D.5E2F61A1D5ADDD592C2271669D7A868F26EF4BFA/key/cms1/cms_redirect/yes/mh/Bn/mip/2001:ac8:20:3d00:1011:ffcc:1941:7332/mm/42/mn/sn-4g5ednds/ms/onc/mt/1654124922/mv/m/mvi/4/pl/49/file/file.mp4

Request Chain 151

https://gcdn.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/A692D7A7BE225FB297BFA89367D6244C5FC407C9.3E936EE569D179512827FF367DBE4BF21418A669/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21FC00AA04AD003F7F2C69CE5E3EAA5FAD3E59EE.020FD47135A2C136BCDB1D9A3A4AF25598342F11/key/cms1/cms_redirect/yes/mh/Bn/mip/2001:ac8:20:3d00:1011:ffcc:1941:7332/mm/42/mn/sn-4g5ednds/ms/onc/mt/1654124922/mv/m/mvi/4/pl/49/file/file.mp4

167 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
powershelltutorial.net/ 35 KB
9 KB 412ms
342ms Document
text/html 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a05504d6a8d2d02891d360f6d0e54cf1332513382102951f2a1080fac0f948e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 714ba775a9025a19-MXP
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 01 Jun 2022 23:15:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JDLrh6fIMfzkSjlsC4FcXV0Waa0sscPSTe%2FfyXtdePG0Zkd4m1iQURpwgGzYsF5d%2BW1NivCPLHl8WuHIDK8xqrv73F%2F5L%2FuRNg%2B%2BYyumeTpefj5jy9xueqp%2Fs0YvcGRTAnscFlfihVmW1IsKkpg4mIEY2WRH"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 4.0
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin

GET
H2 200 bootstrap.min.css
powershelltutorial.net/Content/ 139 KB
22 KB 1250ms
1245ms Stylesheet
text/css 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/Content/bootstrap.min.css
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c2b31ee53b21a1c869b3b0ee4c197873c15e94a4d4e535fd69e95eb0d82a694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Oct 2018 17:30:07 GMT
server: cloudflare
etag: W/"4cc3e9dee36ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKuBRPzVFwQfkOge82MWNQN0Bao%2B3TqUSLE%2BWmH6Z%2BOQ353zt%2F2JEgHVM77lXX1BVF4gG02ow5kqwwFsfLGnVPvX%2BKKQqKeZ%2B2NQZBicCXfYRWKqeCbfqYEPIuLvctSxlYMyOiPlE0T6twu%2F8AIEOkN70jEc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 714ba777ed5a5a19-MXP

GET
H2 200 eftstyle.css
powershelltutorial.net/Content/ 23 KB
6 KB 890ms
887ms Stylesheet
text/css 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/Content/eftstyle.css
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3323a115aa882d119d3be8154735c3d130d7e2d6715401571f1a7e844ce11545

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Oct 2018 17:30:10 GMT
server: cloudflare
etag: W/"449753e0e36ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0A3fAA17MUj7zneb4kWaTJS930NAeCTfy0GCKOmJyBsJ4f%2FdXY15Dt4EpZa9fPw8mJqFgp4lNFdiXF24%2Bty6BriHJDLqTvnS4hjkKlDF07Q%2FZoGV%2FcxXxel3sQCkYQQGdKFHgRbzUGNXjxA8dJhStkdEhe3G"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 714ba777ed5d5a19-MXP

GET
H2 200 csharp.css
powershelltutorial.net/Content/ 2 KB
1 KB 464ms
461ms Stylesheet
text/css 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/Content/csharp.css
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d3bebabe54b334e816823bd5dae6a446a9b469cc95a1bde67fe393e2b8ea12bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Oct 2018 17:30:08 GMT
server: cloudflare
etag: W/"fa211edfe36ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h1mkGY41WoOTL8PrPO8xDMiJ6FAe%2B7w4H%2BEpxZZzzMsBGiFx%2BLjmaqaZO0bFf%2F3htUclMDMhlLO4qmQ2IPKt7DmWsF5E1O6yjnL36WVElw%2Bw5GTlQLy9sxtTz7Sva8ugseCSkWtVY4CO9Ssdn%2F8dSCEjK11u"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 714ba777ed5e5a19-MXP

GET
H2 200 font-awesome.min.css
powershelltutorial.net/Content/ 30 KB
7 KB 886ms
883ms Stylesheet
text/css 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/Content/font-awesome.min.css
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Oct 2018 17:30:11 GMT
server: cloudflare
etag: W/"c6d429e1e36ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zj3tP9LqVPejKI6wik91JivpsHZBZVP7u%2BtuGsCxEqkKWa4i06VhsFekmff7yNlPalWUuO3ZhSTflxl2wR%2BShCvMorxEARM2NhjuJDg3V2kmhh46G2m%2BDQVeZ4p8PyOsgQgrd0MW9Jx%2BVGvtE3RRk%2B490a9w"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 714ba777ed5f5a19-MXP

GET
H2 200 all.css
use.fontawesome.com/releases/v5.3.1/css/ 48 KB
11 KB 507ms
445ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9

Request headers

Referer: https://powershelltutorial.net/
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:57 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5GS2SQFFZBKYZC4Z
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MgKRHnrhNSC7+E7xpmG7lDMgQVw6Vu4k9tDdHXY3+1QxQ/FjX2s0718spgA6G1T6WHDqab6IhIs=
last-modified: Wed, 30 Jun 2021 15:42:14 GMT
server: cloudflare
etag: W/"10519cfd3206802f58315b877a9beab5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkbUwErPCVfwCfYx0HMnwwIKjo4jssZMLRmwT0nw4a54EApHy3Uw%2BGmnPGzee45Yce3b66UWXZMMg0VJv2G4zOfS%2BXEoi7%2BlV2dPy53a8%2FQMJpFyNWkJfExBczDy6yuvNDMEeHKAOD1YCJ5sjtdVqKvI"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 714ba7784b9f599b-MXP

GET
H2 200 jquery.min.js Show response
powershelltutorial.net/Scripts/ 102 KB
33 KB 1223ms
1222ms Script
application/javascript 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/Scripts/jquery.min.js
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fad84131cb4accb04cb2f709e6047b2fe2862e7a0d62df7ca2e053d2a4e5d034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:57 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Oct 2018 17:29:45 GMT
server: cloudflare
etag: W/"413662d1e36ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXS6O3%2Bn46jbZuxxVANP2B873dkPFhl%2FzsdcMbZsplxkJHZZULi6v27oJEoWdhkm3T6w5BsbCRRdIrcKngKkOUUu3YGIKQA0YR5ZeMPycBkQjWMfffRx2jWz3hkuJG2xosTlCpCoXms80vB5M9RPOQyVSexa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 714ba777ed615a19-MXP

GET
H3 200 logo2.png
powershelltutorial.net/images/ 2 KB
3 KB 345ms
344ms Image
image/png 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powershelltutorial.net/images/logo2.png
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 087e39a2d9e83d5341b3fbf8e7add03a6cffde9ae84dee680535c196ce2b1072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2075
x-powered-by-plesk: PleskWin
last-modified: Sat, 21 Mar 2015 13:12:12 GMT
server: cloudflare
etag: "2a3be1a4d863d01:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAgcHDm%2BI31m0psSGBEio7BW54CTh2zk9sq8Ih8DIr7gKMq36Jvsa987IPGwMaWFygSnkDo1SE2wu3SJOSO43LqlNMlJuAwl03qwG1a9clfRhqIbdcVGOu5T0EMHogxHWaZWVLaWKmL9FSoOZozpgYPRsOSV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714ba77fdff483b2-MXP

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 71ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67d10aea8992d9283c084bae0f10a2faba5a1126a2148a0012de871b1f4654da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56253
x-xss-protection: 0
server: cafe
etag: 1632540511164059691
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H3 200 Get-member-help.png
powershelltutorial.net/Images/Home/ 161 KB
162 KB 644ms
644ms Image
image/png 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powershelltutorial.net/Images/Home/Get-member-help.png
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c5b4f5c17aecbca4f455d898a1ea9df67ed92d89f6c7db2b60b5395bc28eaba2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 164790
x-powered-by-plesk: PleskWin
last-modified: Sun, 21 Sep 2014 11:26:38 GMT
server: cloudflare
etag: "28c58de88ed5cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipUFa%2FR7vft0praLGCGrgq9npLNPTvclrrbEca0KpCrybDDjgQKhA3WIgFurOZlQ5jrDbgT8ClfAbXLA0pxwWN1eD2CHIUJuEl0BkGCfeSDOvPBaV%2BA7grVy9uHtO1xoyeQXkEl7GniYkEozcz%2BqY%2BaNGXtJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714ba77fdff883b2-MXP

GET
H3 200 Windows-PowerShell-Home-Page.png
powershelltutorial.net/Images/powershell/ 74 KB
75 KB 677ms
676ms Image
image/png 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://powershelltutorial.net/Images/powershell/Windows-PowerShell-Home-Page.png
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4912e55ddf4b962580e28f4b50461c1310d98f68ecda8c6598911185564e4125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75951
x-powered-by-plesk: PleskWin
last-modified: Sun, 21 Sep 2014 09:25:55 GMT
server: cloudflare
etag: "645c68b7ed5cf1:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcatIyu41pB2YfU%2FjExGePlssmQaTedKxHBXVcMjIhvHW5%2FBJQcufZtPVKwo%2BkbDb6YhblyS1h1SPSMaFKaGBMOeRCR1qqx8HyrqSqzMzqgbv9Gt%2ByqdGVR397DCP8wKB56U7BXfR%2BB62aqwPYkLWfszXv43"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 714ba77fdffc83b2-MXP

GET
H3 200 email-decode.min.js Show response
powershelltutorial.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 19ms
18ms Script
application/javascript 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://powershelltutorial.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 May 2022 19:22:11 GMT
server: cloudflare
etag: W/"629124e3-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml80zRsEcEmrId2hyBZHpymkz0NgFN1m9Bd06diMXjuyp2eQXmynl%2FjWUnOtkME8ixW613dI4yEz%2BsbDey3467m%2BhjEbSd0QHvNrxTFtdhLLiLpNHS4aVVKoYmG8uHkQBWoRyWnawsnEsqktdelRZjrUdyh2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 714ba77fbfa483b2-MXP
vary: Accept-Encoding
expires: Fri, 03 Jun 2022 23:15:58 GMT

GET
H3 200 bootstrap.min.js Show response
powershelltutorial.net/Scripts/ 48 KB
14 KB 723ms
723ms Script
application/javascript 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/Scripts/bootstrap.min.js
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 24dcae4f742c60177278ac4a0709c624026200259ca30d938e136bb881453cc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Oct 2018 17:29:15 GMT
server: cloudflare
etag: W/"89f8e6bfe36ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THxEdoWhfU0%2ByovcazH3pOPad6l%2Ft5rQe9wUbdfIBLgEmbJB5X1BZz9W8Ru1FYdisTYNIb6Pzgf2%2BBCLM6fyHJPixXElgJ0Afm4umFCZp2wsPVhSdNC6L04%2FmoRe5BmRvHt%2BsZUj1dM7mCtqlz1fnIYXR4yx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 714ba77fcfb283b2-MXP

GET
H3 200 eftGeneralScript.js Show response
powershelltutorial.net/Scripts/ 1 KB
1 KB 346ms
346ms Script
application/javascript 2606:4700:3033::ac43:adc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://powershelltutorial.net/Scripts/eftGeneralScript.js
Requested by: Host: powershelltutorial.net
URL: https://powershelltutorial.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:adc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2c986bc4fd9ff95bb30e427ee7238b2d515dc08d38874d1522b278bd7812a1a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-powered-by-plesk: PleskWin
last-modified: Sun, 28 Oct 2018 17:29:15 GMT
server: cloudflare
etag: W/"1f996bfe36ed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMC0PG%2Fd695SJ2zPFRW5L8fR2dwh9miSRZQrUBbkRTPGdQdf5fc5T%2FAA50DLRAF0M%2FTS4IpKOsCjBEFPCg5z%2Flo15SB0lSMX1pmugcjIavRGQy7r%2BiCVeRWaBVaOb84nzBCcV7xOFcw2L%2FEWiKm9zv3h90VF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 714ba77fdff183b2-MXP

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 50ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:300,400,500,700

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/Content/eftstyle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a88c732ccd26f96f6d93945118cb01afe8b13d0ddc3d274a8eb500e78657b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 22:39:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 23:15:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 23:15:57 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.3.1/webfonts/ 66 KB
67 KB 504ms
483ms Font
font/woff2 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.3.1/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d

Request headers

Referer: https://use.fontawesome.com/releases/v5.3.1/css/all.css
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: A9CVAJWWJY2HBKTA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67400
x-amz-id-2: XuzMqnRquU42bPm5bny3x/vwhbM3tQod3sWp8v3eyaTmCkudJehIgdSb3TTCmcVnoOhmlgq1joc=
last-modified: Wed, 30 Jun 2021 15:42:33 GMT
server: cloudflare
etag: "14a08198ec7d1eb96d515362293fed36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kl30%2BWN0zWzASgB9EB76qnhaUw1NMG51oFUUxKUKMTCNG3neWG52P9c8zg5mfUzuatF1Oec1xOv05pRGPYKw4MJPeYNgNdTSIbTa4QLi5iZn9nA5cf%2Bj410rptaxskGTDUqxKzpUfoSO7pj%2BSHknr3Bf"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 714ba7800e850f56-MXP

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 214121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:47:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 17ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 216491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 18ms
15ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 108469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 21ms
18ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:12:19 GMT
x-content-type-options: nosniff
age: 108219
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:12:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:300,400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 210774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 12:43:04 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 21ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://powershelltutorial.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 108469
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 17:08:09 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/ 320 KB
114 KB 48ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7249477889959952&plah=powershelltutorial.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

030d724f8976851e0d93229fe0a941d7946f47aaddc36ec8b04c4f5eb4e3cacc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116404
x-xss-protection: 0
server: cafe
etag: 10362601789949162776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/ Frame F676 10 KB
5 KB 33ms
6ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 70810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 03:35:48 GMT
etag: 1327746537699501093
expires: Wed, 15 Jun 2022 03:35:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 226 B
650 B 35ms
14ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=powershelltutorial.net&callback=_gfp_s_&client=ca-pub-7249477889959952

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7249477889959952&plah=powershelltutorial.net

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

43331fd5b8aafda7bd6f687b64b6a6078e481ff97dcdba174ad9c348ea9fbc3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 88ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powershelltutorial.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 49ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powershelltutorial.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6772 436 B
236 B 191ms
177ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=50&slotname=9602653203&adk=3525354311&adf=781818832&pi=t.ma~as.9602653203&w=320&lmt=1654125358&psa=0&format=320x50&url=https%3A%2F%2Fpowershelltutorial.net%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358143&bpp=2&bdt=1377&idt=78&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&correlator=1472136115649&frm=20&pv=2&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=265&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ALXRTHu72i&p=https%3A//powershelltutorial.net&dtd=93

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

378533748874b10615066a7b8d3574a0bf490dfd451babfd1e743861d4c964e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:58 GMT
expires: Wed, 01 Jun 2022 23:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6446 14 KB
8 KB 151ms
148ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=404996203&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358146&bpp=2&bdt=1381&idt=97&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JT9mOeo1EK&p=https%3A//powershelltutorial.net&dtd=102

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ef43538ed462a24508667aac5cb10fdea5cb3cd7f599db5dbd4efbbf967d181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 7860
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:58 GMT
expires: Wed, 01 Jun 2022 23:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0AD1 14 KB
8 KB 178ms
178ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb0ac836ac4cfbeff718f9ef001def36f87377698a2cdf5bb241b54e6e7f1aa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 7866
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:58 GMT
expires: Wed, 01 Jun 2022 23:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6446 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZ2dtIT2ILBoStcE3Al1dOOXRB-cTy3fLx0uS6UpbHTl_HGFPM6vt7iRouso8zGIwucymtegPXv0S1piUjp85FzhBmXaIhQvvIKy9tVaR-v3Kobsc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=404996203&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358146&bpp=2&bdt=1381&idt=97&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JT9mOeo1EK&p=https%3A//powershelltutorial.net&dtd=102

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 6446 3 KB
1 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:01:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6446 138 KB
43 KB 52ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 6446 17 KB
8 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:04:46 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EFFD 624 B
300 B 18ms
18ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGIn85sYBMAE&v=APEucNWSa-GuhMjQMtpJupigQirYYvcuW6CjPGuacDNu9Znvb32ByyTuhL-PZbVvGxhdnoY0ATaWK7m3SZQxKuUnN9PJPaan6jq29JdssCf3w6UHmVg2RQ8V9xrgLfYBs4iWPi5rMd4AXHElyYS6FbXIOlCRFONW1r4oTIwztHKMpxcUqUJQ420

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=404996203&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358146&bpp=2&bdt=1381&idt=97&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JT9mOeo1EK&p=https%3A//powershelltutorial.net&dtd=102
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:58 GMT
expires: Wed, 01 Jun 2022 23:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6446 85 KB
33 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsRjy-92axH-Lg_eYX0XOi9H_I0DOUOxp70PWHgVoHivRg81dQ2K17CMRmePrOOSPBlfN7nPix_jKYaZLtRE-jwxrCih1FFmDHhtu32HXNfBjFYabSYHRNo7GiXbK0B7uvbMvd7b-PvGcf5ROkiTydjNoZqA&dbm_d=AKAmf-BM1e-IaQE7mQjeAKGBmzIc2A0zrPGx1ZiogzV6MemT195uSZz79GBugrsji5x8EIOEyMeGcLpCh0Q4uexrLl62KgKVdQiygoZPCQRHsijsbAi9yFTWwx-ZviZDyZKBoE6mWxZK3fDCPzSM3gcMIEcdn2f-CvZ2SDqAAFUEA9zYcWOTrBZ54f2peJX1ixYC75o8D00_doR183t7gtd2uzGnNhP1uS21YoGgVLIUQigpYAXp0nY8B7SSGgkZfLvzif8g6D67ewf2sI9L1PqdqSXij5mnbixTlZwasaRoRmO2jPU5ZEllfApaAp4YF8BKhgZ1VR2xpfez9wn6dNDytTmD-tHvDL9a5I8sMRWgTkQLZ9hNIv4mkFKfDnhoDKZmq96iKhDfGGi679hDb9epTz-M2Tlya0GmIjwg2NK8EKz4VLCl4GLTF_CE5ospQqnKugdLJHtqFZql48RPcTq9kPsSXzRn8qjS37a9T64UKAzODO7jcKQ-mCbN6jzNwU9ZmmMs2Ycl15j8PxOgWKKb1d-Gx935G6WlV4xAWFGMDBlR0wKNOEr54746nrF6DffkgrU95kAQb5txDhIVVyf_aGKW6i_RjQkXyenD296C4ilrCmyAIieOBo-FoGeJNZjd9-tIC2LCCH2sneVL86118AAPp1ug33WMFvxYvUpU5mKyCTgWNeulkW9-bLD8bdSqkvft04UHdvFZGf56PeuKd5NuoGYK66H-3UmJgNH-zPEIap7kQ09G857BZLMOPuNFxDPIaZTDOdbFCIvfV1yZTtJ4F3LM4Z3QCVKjiswFL-uZLAMpzti694pih-o4dD4sh2v94dfKXX1kft60vSlBzmGeLaLOzthgscW1mO08MPV3GGgI1YdnjYm2cLHleZHN67-0frpYzcmTXktzsrSYAsPWpkT3GewN6QZm3iuU7fG4pDsNT4h9z-V2Hc2qfhz4w64qi6R1z0iO4-bVV3sRo78PIyijqysgbN-_KNhY9yvLcOPZMUkxOTj5fAxte0ZNdVAdfywoq4RanRReOAIdpyaXvp5uz3KDsrdQm5zjXy8Awrfnn2m7y0vQE4e_OT_FalyxzyW9k8ZP1psHTmfXrADWi1EdZrlntFUsZJQlQ7CiCvlkUev054whg-CSR9tJhBx84de4X5qTc5ONl-ec9ha591-T3ZJ-88ycOJ1R_VBv5fKAUK-MFqtsCULqwNx8p9Zvu3dTAwYav9r5-aqltL598rod5VOTxbpq0lArduLSe8V2kvr-5ajCfeoWvID7Ey_s7KKyqS259YMx1MM5yO5_BLK9A7S0turSNv-kUW6uLlHUjryhWp7ChkBo9weIsDkexPvLfp7GnkG3kzz8gclKYx556YH4RQvawagqixnqNtyaFo4ZpYXghsPUVNF_wS20AbAQFGuKQzi3WgRXr2eDJPLLWUzjpVwLVrIXgyUJaTgPJ3nU74_RdpXZloqPEGegIxP4F-ddPeCbvBRhfAY-Q1_z2RczxgbQ4j8TuQjfrafHi7uSp8qNE0yMNvzKckzftRiKsVfVoqDdeAc4uSpHXG-NaNegwidOLZPTn6465r0CHLgxsNKCXtNCjbf6Q4xOgpLY7nmdM9aOCzaA6FC1Zp5EFngEVS9mL3ZAv57u4j9dgJ5KyEV_XV1m7gSpGIC-eNrHFMhCXmUibPAXd0BkU7lfQFx_4MPXrq_mMc7f0qlAoJSvIBgWBOjN0wNgsu3-jUt7IS6RuTOHt--S3mK837muGOec62OkqmwWjehTPCLk_dv3g1kkttNN38VCT-mvSaVorehsee7ojH_UrV0Xqf_MAN2kSYvvWnjwtxptdlQi7M-nrJOEvfArJA89XqqHztkxEwlX0oPErppknYBPVAuF4SY_gYh3tMmCRdBwHIjIy1i6RWjY3zgNG6cwjFbNWHySaUHEZqtMd-zaU8_6eDNtFbVOC3kl0jcxWE-7pP9PksKMqD1DO8GoQK5kPvT5GWmdBjvwLgkXh5DJeEYKMNGqWWF5mU1O16MlYgYCFC6PDvmBmhbILd7lpe3EppHW_ibfTl8FnO5ucNH_R9XEue2dgdzMH3iZHaju_AlAb8n5Ul4cpI4eJadlnUguNiFtsmfQaKtJKEVNVUPdYD_Rn-_CQSN56HdWAfngMV8D4wMCSMFuD1C5K8nC11JNMyYwVUCYPcQSCLNdEJyUSY-Ys84PMaGf37lU7fdiE7tII_k0rDzsPQYv0lI97U_Dt2K4Ul3y_RlHNbugjBgFfYaERQSobAyL7ckZPVQ47cBzp3aiHi6yJ9iyYpBBggFnoD8Nox9kHbMCFqsszU_0d1RWcC0WnxOJU1yZN2NqOcecMgB5BFEI5jGCBLC-pGjeCpU7KbxCJjfRFmuycBTO22DeFxLMkw8bi9rPnfti0Gi6ySpE6SEVg8ySu_ZpaLjHGQ7XcB9kC6hWFOzPg3LDDZVlHJsM1QIbVqIdYa-st5XtW2rcQJJqyoQL8IIvG6LHNy0BGOm554WKhimA2JxhEfimEG4_HgaUQV8YnM0IL9U0IhS07P1P4RCCuEBxbHHhtgexv7ZcR4_qKZdSt8RO-T_0QdRjjukEcrlR_H243kOZozGPwg2NroR9WzdS6ogavydvuKf-i1y2GgdjNCXmdT4FD1qpA0CX2Zg6LVbMJ5-c9tyBGEkkAGpB8vq17eVC2A_hgKsqSolZI2cZ0mBkJDbEFrPZkDI0tt-ru9XF6NfkRhzaFWKX-7BwmqeFQ5Q1a0RFSpg4pyX985H5EJcnEL9ZLLD7N9bKN7qNOVOrJSaqsatrow9pdzHnqpuX5CfghwFepOeMgXdTyKhwaQPb3-sRuz9M5MzqpNBgPOQ_nT9BcdJYsqfkfvGyGTxIqyL1JWEpqpgD2xLUHGxBlMuYbWWOebSERLoxocS5Xhc89D0lqvCxJY0kcVBbcBfRKCdK2pWsiXgj_0pFUif7Cw5_FhR3kJBfKP9kVxC8vbb2GjSk4H4EZ-tUNZmP__QHsONenRKitX4402CzOLh30wTp3vv8L05hPgS7QoCfWo7SXtiM20Lj80LFWxo0Zs9nGL2ZHKz2uDS1MOinrC0BQrBUbQzyj9ewaH7c4LFTNJIIxBxiiK-a1Z6ev27xfeZwPnyU3FmHidUz&cid=CAASBORonL0&rfl=1%2Chttps%253A%252F%252Fpowershelltutorial.net%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca6cf99de3dfc96ba5d43a10fc8ab57a75119cdd0252512cbd464d3f10476c19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=404996203&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358146&bpp=2&bdt=1381&idt=97&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=350&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=JT9mOeo1EK&p=https%3A//powershelltutorial.net&dtd=102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33903
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AD1 42 B
63 B 43ms
43ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOq8j87pLGnOnVe4ttPaBXCcHQKhpjaTmO-FEPrYBHtBF94wUY6c-mwCqXL18m2-4BZf9m6pgBysEtUgnepmiNvOgZVvFmajFCQWCgL9SfCUtVTwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 0AD1 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:01:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:01:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AD1 138 KB
43 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43440
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1654082998712738"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 0AD1 17 KB
7 KB 40ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:04:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7351
x-xss-protection: 0
server: cafe
etag: 330450436367057301
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:04:46 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7F76 640 B
316 B 18ms
17ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGNuE3cYBMAE&v=APEucNWMkb8aLd-B2_elW-ojgXkwTlXPhpKyE2kXijOGehejQbu4CMPsxb4Y_ZSpBFawhAHinQPsb8lZSSGt4P4jkqRhiYhK5uCgCyWNi8zPwDOhqWqFnF-zLEyPWf_QFIshAoq4wWbCvrUzGi7ouOF93BFVrstmA8lhPlcHA8IYASVnkQxOSN8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0AD1 84 KB
33 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNqGjwKhbfoIkNnFNQwFxtLgYJ7VX0z9MUiMZprmm17bmDt4WG8VC0yzIDLJth_1rjayQeAIT9b5tsKVJ_eKBSM1H4Qa6oYtvdF1FR4EgSg-zhp9EtDv-NufHXXsobXMlZg0wTOItH4FrZFxLOuPSKIL7iLw&dbm_d=AKAmf-A0MtFtu8cEVtMGGysWfuYoYgZrmvRJ6r8C_ObN-8ZpckGlb7BnHmHjS6bflbG0RklJuFTUuocMOKaSKoixAVF4c8-hufQNvLw-c3J0qsHoqIIRoLBGCyQNc9CdyiSWUuH6PBvx7HP4B0cqOWVrHYbPNP47LaXHrD11rgBH6LR04CWIN5SN0YqNvmGysdB1JAxG4vNiQjlOoh6X7xsE7MGOlLaGI6Vtyk8X--cP8ZUZLLXWkNl22vRrOou9lPQitBWJdrScAgmdTJEMKnmQrKAQEuXDpK-Kl5buUz8sgAHweD3M8M735HTCNRI7dgpn2rtvsa6Vz5NLjOM3-Dl36vMjr0nq3qP4cHKPCpUp9uBDF-5n_RY3zPVJR5onOcozMXW4AfDf8eirwDz0FAl1-UMYFMYQ98Aco4WkazRiL8Q6zwL8L1HJU0S1D_Dma2ok82nAfp1ZB8Kjxch0jp9VTlQiyCBULc9QKX91LeHiCnV0yNxFW8P--vvWhs9DUyymVl6oNtEBbAR-vzbg7zIQpLdCONha2HD-pRYvRCJ4_xolFsoDkUyLal8Q1xyWJmPMk5Ql_lXv6E1XPp_v4GeudztPJ5spxxX0AdecyAXgPJBEv9FFz6Ba4YFt7H-gpDEU0MwitQfKaZbU9yNyXi7wlmkq7G5TCEwBcGdiSc5n0N1zeDGgVJD-88G5vm8ZPprjAbZ72p4MjDeVruGA7Exmgi5xoQ8jf55ewpvR3EV0qxCuevNsUXzbA2DnBo7cb5c_UD_5_Nnvi_TaZ_ZAcZuOuiC8EmBdSi43OMmnpYmU3X5QBR8YUkYksTSabv26BEZfaVqk91SRpbGIYsSs8UIT2vKo_1pujTcwgck34iDG2xR684i9DfPLqVTO-9X2wudLgMj3MFxwuZvFWA9EZ-g8n2ooEYlaTFb20aLvXEb-flVeTL_iYn3TQ8TaKvKnP_vGh98DiJFeFxUBUyVCGm1Ipno3J0B2f1ZQme4HWfn8pSaYwz3hWvcUs-5kDLNPtjtkzQJ5RqpY_t0eMuey5L7_wPmD_7W9_5FaFa1pnvpEiEhOnpdTivgdKK7BJFPygRDtb1wxZ8T5isqJDaflBynzXItooa1zcUEv71guaF7CBxwdGLOM1l8CrIeOECl5yA2o8Q4MZHaSxWULXSD8y7aKVIV8YE40oOZ03rgWU94n7iuwgFBwFEtMFYpgtSXlFaDmEqmtyMCGGqFVSZz3gemDH5RmuYbljub4rDiA5Koy3_F1zcwHEr2SNwPNlt-q8d6uqHl-x75o3B6zkbkQXaDnbfIeLa-cW1ryCUcnhuYYZf5zJnfxmEhaIBEz2dKWW_BwyHmNbEhgyitLCCpWT2jkqQP2IT4uUFCKs89CRicWjogZo3i7ZBfFx5P7GuVPCwRj2XFZPTIKsuqPQIBwe_jZWs5ODwD6aMdx0TypZYPYdLbTEVskGegIqqn3VQEWNTp8jTxb3tDgZq9hv0gqzQvWtW_PlEobtioe_yfNwgq_V0yb7yCLzboCBLcpNxKjchIcgVRuKGapi3QlFHK62_K5iA70jqDSb_Ddoi9iZOKX8pn8XBfS2oSbHiEEl3KMyLKoWx_pTgnZugjSNZG0F2ivuZ3Y0RJ1w1GnTaYUPPZtU1giBABg0Yyfw0M-w8Fr4Dxf1Iac7o4MuLjIXRZbdzGTnWZhr-VsihdljjfM3GTu49lANm93nFHuGz9rjZqeURvsa7UTxUJQYkn-PdeUAMWsx-p-bzkFKLJr6jt7o70Q-zvx5b6nX5NjR4YnvQzlS40dorxWJZBmmgBSPJ4L1nL1V1koyo28fP_cAkAU_DJpPuxNSr8V_hWIw3E-6ZZnOJVdYPusSfJUbYCL5ZpYVHFVgWNtrfcZ_axHwLaO0aE4m4NHuk7EysELNzr9lqkn81f3kY5DZpW2A9Ux4F4TXBvCvCc5WnYMrzdSpad6tiPUKahyFUA0uNC8_uaPgDQg3ncZBIApWJCXtPDJ-BQPUQLDZzBU3lU_xvAek31itApiHpfVdJwEh_r_v6AJv4D2ITYINmPYDhq7aRDS6Ewq2QrQiu8cUN2aytlvxeEBg6NMwexBFDJCco7Q9Seqw76yiVAzDWvnJ3yVMi-Nq0vwiojMJ5BqKyLVaPdPcbrxN5TyZ3Z_oQ-JLsohqrdeKSO2Gi7Q01re1iKHH6OzBFK-MLux-xUjq5Rg60WbnyieR5OOxXlGNFa5gke9nUCfSdfYtu-p0IgGOI4sqlh621DZAQR4ePPTm9axXEPDjm50yD-oMb_LqGlI5XuqfRjWVIXXqX1FyJl7KSUPftqZSth6n3ZYvvx3AfEZX21uJnhWwSRc5qI8yKVwQ-5F2G7829bCmW0uNB05uwVbDH_LiKYf-CIgVFsppY_9GyjUJQMRQtXl-ki1wj1wzzAXAnARMeGn8XcKIghpxI_iiveFkVDW3ia8gP-V0BrWGkAV5XtY-2Cs9zEgldH64ybuUGWbUO9W9Vou2YlrLfWb5GSRy0BVwa0t7_mzCAeskE5kFv8oOdkELGO2aPD9vn0gO2HwP9pl21Inp9ONtD9ODHdonDych_rvcNCt5y0FSql1BDBjnkiiNlVyvH1S5w04cTZXyYka0olVRRiyjWDtTmJ4sf3ecwD5gnBDnwkTz-h-l8XsrWxrNHC2EwTaA9wNnQi3TPbdevrc8YSnfkxH_265Dr1YjijH9SDiZIEyJ17nsQWoR1qSIneI8-7cyfPIK-wpUNpoQVSH7J5JZbhcK_Z2j3778MRMICAEzPOs1LfMX4MxVxmWua5s2TqLWzVN2EyWId5_wfByGB_x_g9Sle0kHCymF2q5LhzIzqctOJ0t8KUGXnGYkhtWcCwzCiWrhICT4V89wmh9YNnkboQCP-SXt4g6SjKyJwbcmfTz3rV8cwJ3IgM8aHMJ7ENozxBKGMroVZ7446V6v-gzqui_aSC4uusluBp0EPjwSx3sGjekvNLOT8mpuwpepJUrFKt3ldFwATxiveK1ekqRvXJDP2bR30wSY-d9mxoAFl7abG8ikSrnE_EIt1phgXzN8C7b2NYxL03T__7qq0Ot-ianM_5OAydY_FnBuc5mEg8qSwLBFvLQOmnc4FFjFSpTlQKgX--QW5yu3A3V4saXOVraMPyNd-V2GNR_2nf9rFItDg&cid=CAASBORoIFM&rfl=1%2Chttps%253A%252F%252Fpowershelltutorial.net%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f4ac9334edcf5f7c599caaeac0f43e8c46324eb8a37436fd65f1fbd519c140b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EFFD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOHWHtsJ7xXlQYc2LaJTW7g&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOHWHtsJ7xXlQYc2LaJTW7g&google_cver=1&C=1

43 B
1014 B

48ms
48ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOHWHtsJ7xXlQYc2LaJTW7g&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGIn85sYBMAE&v=APEucNWSa-GuhMjQMtpJupigQirYYvcuW6CjPGuacDNu9Znvb32ByyTuhL-PZbVvGxhdnoY0ATaWK7m3SZQxKuUnN9PJPaan6jq29JdssCf3w6UHmVg2RQ8V9xrgLfYBs4iWPi5rMd4AXHElyYS6FbXIOlCRFONW1r4oTIwztHKMpxcUqUJQ420
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 23:15:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Jun 2022 23:15:58 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 23:15:58 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOHWHtsJ7xXlQYc2LaJTW7g&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame EFFD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YpfzLo7J7Du3QgK2tN7yrwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgBbwW9PgPM_13ss5f4Doc&google_cver=1

43 B
894 B

29ms
29ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgBbwW9PgPM_13ss5f4Doc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGIn85sYBMAE&v=APEucNWSa-GuhMjQMtpJupigQirYYvcuW6CjPGuacDNu9Znvb32ByyTuhL-PZbVvGxhdnoY0ATaWK7m3SZQxKuUnN9PJPaan6jq29JdssCf3w6UHmVg2RQ8V9xrgLfYBs4iWPi5rMd4AXHElyYS6FbXIOlCRFONW1r4oTIwztHKMpxcUqUJQ420
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 23:15:58 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Jun 2022 23:15:58 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENgBbwW9PgPM_13ss5f4Doc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame EFFD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEENrZ5IcIMperqUDq5hVTtw&google_cver=1

43 B
1016 B

15ms
7ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEENrZ5IcIMperqUDq5hVTtw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGIn85sYBMAE&v=APEucNWSa-GuhMjQMtpJupigQirYYvcuW6CjPGuacDNu9Znvb32ByyTuhL-PZbVvGxhdnoY0ATaWK7m3SZQxKuUnN9PJPaan6jq29JdssCf3w6UHmVg2RQ8V9xrgLfYBs4iWPi5rMd4AXHElyYS6FbXIOlCRFONW1r4oTIwztHKMpxcUqUJQ420

Protocol

HTTP/1.1

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 23:15:58 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6dfff4e2-4b80-48ef-a15d-44bab646aad2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEENrZ5IcIMperqUDq5hVTtw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EFFD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU4NTk1ODEyMDk0Nzc3NjQxOQ%3D%3D

170 B
188 B

30ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU4NTk1ODEyMDk0Nzc3NjQxOQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 23:15:58 GMT
X-Proxy-Origin: 217.64.151.67; 217.64.151.67; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9994f4b7-baaa-4b16-b930-2a4d285fb4ee
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTU4NTk1ODEyMDk0Nzc3NjQxOQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7F76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHT7CmJBHdzRRhiRY4DICIc&google_cver=1

43 B
274 B

36ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHT7CmJBHdzRRhiRY4DICIc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGNuE3cYBMAE&v=APEucNWMkb8aLd-B2_elW-ojgXkwTlXPhpKyE2kXijOGehejQbu4CMPsxb4Y_ZSpBFawhAHinQPsb8lZSSGt4P4jkqRhiYhK5uCgCyWNi8zPwDOhqWqFnF-zLEyPWf_QFIshAoq4wWbCvrUzGi7ouOF93BFVrstmA8lhPlcHA8IYASVnkQxOSN8
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
via: 1.1 google
server: OXGW/eecec1e
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHT7CmJBHdzRRhiRY4DICIc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7F76 43 B
145 B 58ms
22ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGNuE3cYBMAE&v=APEucNWMkb8aLd-B2_elW-ojgXkwTlXPhpKyE2kXijOGehejQbu4CMPsxb4Y_ZSpBFawhAHinQPsb8lZSSGt4P4jkqRhiYhK5uCgCyWNi8zPwDOhqWqFnF-zLEyPWf_QFIshAoq4wWbCvrUzGi7ouOF93BFVrstmA8lhPlcHA8IYASVnkQxOSN8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/eecec1e /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
server: OXGW/eecec1e
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 7F76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEK48azteIFmCYxGkfDLwN1Y&google_cver=1

23 B
172 B

76ms
46ms

Image
image/gif

104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEK48azteIFmCYxGkfDLwN1Y&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGNuE3cYBMAE&v=APEucNWMkb8aLd-B2_elW-ojgXkwTlXPhpKyE2kXijOGehejQbu4CMPsxb4Y_ZSpBFawhAHinQPsb8lZSSGt4P4jkqRhiYhK5uCgCyWNi8zPwDOhqWqFnF-zLEyPWf_QFIshAoq4wWbCvrUzGi7ouOF93BFVrstmA8lhPlcHA8IYASVnkQxOSN8
Protocol: H2
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Jun 2022 23:15:58 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEK48azteIFmCYxGkfDLwN1Y&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 7F76 23 B
172 B 85ms
36ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COyovN8CEOWWpfsCGNuE3cYBMAE&v=APEucNWMkb8aLd-B2_elW-ojgXkwTlXPhpKyE2kXijOGehejQbu4CMPsxb4Y_ZSpBFawhAHinQPsb8lZSSGt4P4jkqRhiYhK5uCgCyWNi8zPwDOhqWqFnF-zLEyPWf_QFIshAoq4wWbCvrUzGi7ouOF93BFVrstmA8lhPlcHA8IYASVnkQxOSN8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 01 Jun 2022 23:15:58 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 6446 170 KB
59 KB 55ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 12:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 12:04:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame 6446 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsRjy-92axH-Lg_eYX0XOi9H_I0DOUOxp70PWHgVoHivRg81dQ2K17CMRmePrOOSPBlfN7nPix_jKYaZLtRE-jwxrCih1FFmDHhtu32HXNfBjFYabSYHRNo7GiXbK0B7uvbMvd7b-PvGcf5ROkiTydjNoZqA&dbm_d=AKAmf-BM1e-IaQE7mQjeAKGBmzIc2A0zrPGx1ZiogzV6MemT195uSZz79GBugrsji5x8EIOEyMeGcLpCh0Q4uexrLl62KgKVdQiygoZPCQRHsijsbAi9yFTWwx-ZviZDyZKBoE6mWxZK3fDCPzSM3gcMIEcdn2f-CvZ2SDqAAFUEA9zYcWOTrBZ54f2peJX1ixYC75o8D00_doR183t7gtd2uzGnNhP1uS21YoGgVLIUQigpYAXp0nY8B7SSGgkZfLvzif8g6D67ewf2sI9L1PqdqSXij5mnbixTlZwasaRoRmO2jPU5ZEllfApaAp4YF8BKhgZ1VR2xpfez9wn6dNDytTmD-tHvDL9a5I8sMRWgTkQLZ9hNIv4mkFKfDnhoDKZmq96iKhDfGGi679hDb9epTz-M2Tlya0GmIjwg2NK8EKz4VLCl4GLTF_CE5ospQqnKugdLJHtqFZql48RPcTq9kPsSXzRn8qjS37a9T64UKAzODO7jcKQ-mCbN6jzNwU9ZmmMs2Ycl15j8PxOgWKKb1d-Gx935G6WlV4xAWFGMDBlR0wKNOEr54746nrF6DffkgrU95kAQb5txDhIVVyf_aGKW6i_RjQkXyenD296C4ilrCmyAIieOBo-FoGeJNZjd9-tIC2LCCH2sneVL86118AAPp1ug33WMFvxYvUpU5mKyCTgWNeulkW9-bLD8bdSqkvft04UHdvFZGf56PeuKd5NuoGYK66H-3UmJgNH-zPEIap7kQ09G857BZLMOPuNFxDPIaZTDOdbFCIvfV1yZTtJ4F3LM4Z3QCVKjiswFL-uZLAMpzti694pih-o4dD4sh2v94dfKXX1kft60vSlBzmGeLaLOzthgscW1mO08MPV3GGgI1YdnjYm2cLHleZHN67-0frpYzcmTXktzsrSYAsPWpkT3GewN6QZm3iuU7fG4pDsNT4h9z-V2Hc2qfhz4w64qi6R1z0iO4-bVV3sRo78PIyijqysgbN-_KNhY9yvLcOPZMUkxOTj5fAxte0ZNdVAdfywoq4RanRReOAIdpyaXvp5uz3KDsrdQm5zjXy8Awrfnn2m7y0vQE4e_OT_FalyxzyW9k8ZP1psHTmfXrADWi1EdZrlntFUsZJQlQ7CiCvlkUev054whg-CSR9tJhBx84de4X5qTc5ONl-ec9ha591-T3ZJ-88ycOJ1R_VBv5fKAUK-MFqtsCULqwNx8p9Zvu3dTAwYav9r5-aqltL598rod5VOTxbpq0lArduLSe8V2kvr-5ajCfeoWvID7Ey_s7KKyqS259YMx1MM5yO5_BLK9A7S0turSNv-kUW6uLlHUjryhWp7ChkBo9weIsDkexPvLfp7GnkG3kzz8gclKYx556YH4RQvawagqixnqNtyaFo4ZpYXghsPUVNF_wS20AbAQFGuKQzi3WgRXr2eDJPLLWUzjpVwLVrIXgyUJaTgPJ3nU74_RdpXZloqPEGegIxP4F-ddPeCbvBRhfAY-Q1_z2RczxgbQ4j8TuQjfrafHi7uSp8qNE0yMNvzKckzftRiKsVfVoqDdeAc4uSpHXG-NaNegwidOLZPTn6465r0CHLgxsNKCXtNCjbf6Q4xOgpLY7nmdM9aOCzaA6FC1Zp5EFngEVS9mL3ZAv57u4j9dgJ5KyEV_XV1m7gSpGIC-eNrHFMhCXmUibPAXd0BkU7lfQFx_4MPXrq_mMc7f0qlAoJSvIBgWBOjN0wNgsu3-jUt7IS6RuTOHt--S3mK837muGOec62OkqmwWjehTPCLk_dv3g1kkttNN38VCT-mvSaVorehsee7ojH_UrV0Xqf_MAN2kSYvvWnjwtxptdlQi7M-nrJOEvfArJA89XqqHztkxEwlX0oPErppknYBPVAuF4SY_gYh3tMmCRdBwHIjIy1i6RWjY3zgNG6cwjFbNWHySaUHEZqtMd-zaU8_6eDNtFbVOC3kl0jcxWE-7pP9PksKMqD1DO8GoQK5kPvT5GWmdBjvwLgkXh5DJeEYKMNGqWWF5mU1O16MlYgYCFC6PDvmBmhbILd7lpe3EppHW_ibfTl8FnO5ucNH_R9XEue2dgdzMH3iZHaju_AlAb8n5Ul4cpI4eJadlnUguNiFtsmfQaKtJKEVNVUPdYD_Rn-_CQSN56HdWAfngMV8D4wMCSMFuD1C5K8nC11JNMyYwVUCYPcQSCLNdEJyUSY-Ys84PMaGf37lU7fdiE7tII_k0rDzsPQYv0lI97U_Dt2K4Ul3y_RlHNbugjBgFfYaERQSobAyL7ckZPVQ47cBzp3aiHi6yJ9iyYpBBggFnoD8Nox9kHbMCFqsszU_0d1RWcC0WnxOJU1yZN2NqOcecMgB5BFEI5jGCBLC-pGjeCpU7KbxCJjfRFmuycBTO22DeFxLMkw8bi9rPnfti0Gi6ySpE6SEVg8ySu_ZpaLjHGQ7XcB9kC6hWFOzPg3LDDZVlHJsM1QIbVqIdYa-st5XtW2rcQJJqyoQL8IIvG6LHNy0BGOm554WKhimA2JxhEfimEG4_HgaUQV8YnM0IL9U0IhS07P1P4RCCuEBxbHHhtgexv7ZcR4_qKZdSt8RO-T_0QdRjjukEcrlR_H243kOZozGPwg2NroR9WzdS6ogavydvuKf-i1y2GgdjNCXmdT4FD1qpA0CX2Zg6LVbMJ5-c9tyBGEkkAGpB8vq17eVC2A_hgKsqSolZI2cZ0mBkJDbEFrPZkDI0tt-ru9XF6NfkRhzaFWKX-7BwmqeFQ5Q1a0RFSpg4pyX985H5EJcnEL9ZLLD7N9bKN7qNOVOrJSaqsatrow9pdzHnqpuX5CfghwFepOeMgXdTyKhwaQPb3-sRuz9M5MzqpNBgPOQ_nT9BcdJYsqfkfvGyGTxIqyL1JWEpqpgD2xLUHGxBlMuYbWWOebSERLoxocS5Xhc89D0lqvCxJY0kcVBbcBfRKCdK2pWsiXgj_0pFUif7Cw5_FhR3kJBfKP9kVxC8vbb2GjSk4H4EZ-tUNZmP__QHsONenRKitX4402CzOLh30wTp3vv8L05hPgS7QoCfWo7SXtiM20Lj80LFWxo0Zs9nGL2ZHKz2uDS1MOinrC0BQrBUbQzyj9ewaH7c4LFTNJIIxBxiiK-a1Z6ev27xfeZwPnyU3FmHidUz&cid=CAASBORonL0&rfl=1%2Chttps%253A%252F%252Fpowershelltutorial.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:09:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame 6446 27 KB
10 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10539
x-xss-protection: 0
server: cafe
etag: 1532328290632562463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:12:35 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0AD1 170 KB
59 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 12:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 12:04:19 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame 0AD1 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DNqGjwKhbfoIkNnFNQwFxtLgYJ7VX0z9MUiMZprmm17bmDt4WG8VC0yzIDLJth_1rjayQeAIT9b5tsKVJ_eKBSM1H4Qa6oYtvdF1FR4EgSg-zhp9EtDv-NufHXXsobXMlZg0wTOItH4FrZFxLOuPSKIL7iLw&dbm_d=AKAmf-A0MtFtu8cEVtMGGysWfuYoYgZrmvRJ6r8C_ObN-8ZpckGlb7BnHmHjS6bflbG0RklJuFTUuocMOKaSKoixAVF4c8-hufQNvLw-c3J0qsHoqIIRoLBGCyQNc9CdyiSWUuH6PBvx7HP4B0cqOWVrHYbPNP47LaXHrD11rgBH6LR04CWIN5SN0YqNvmGysdB1JAxG4vNiQjlOoh6X7xsE7MGOlLaGI6Vtyk8X--cP8ZUZLLXWkNl22vRrOou9lPQitBWJdrScAgmdTJEMKnmQrKAQEuXDpK-Kl5buUz8sgAHweD3M8M735HTCNRI7dgpn2rtvsa6Vz5NLjOM3-Dl36vMjr0nq3qP4cHKPCpUp9uBDF-5n_RY3zPVJR5onOcozMXW4AfDf8eirwDz0FAl1-UMYFMYQ98Aco4WkazRiL8Q6zwL8L1HJU0S1D_Dma2ok82nAfp1ZB8Kjxch0jp9VTlQiyCBULc9QKX91LeHiCnV0yNxFW8P--vvWhs9DUyymVl6oNtEBbAR-vzbg7zIQpLdCONha2HD-pRYvRCJ4_xolFsoDkUyLal8Q1xyWJmPMk5Ql_lXv6E1XPp_v4GeudztPJ5spxxX0AdecyAXgPJBEv9FFz6Ba4YFt7H-gpDEU0MwitQfKaZbU9yNyXi7wlmkq7G5TCEwBcGdiSc5n0N1zeDGgVJD-88G5vm8ZPprjAbZ72p4MjDeVruGA7Exmgi5xoQ8jf55ewpvR3EV0qxCuevNsUXzbA2DnBo7cb5c_UD_5_Nnvi_TaZ_ZAcZuOuiC8EmBdSi43OMmnpYmU3X5QBR8YUkYksTSabv26BEZfaVqk91SRpbGIYsSs8UIT2vKo_1pujTcwgck34iDG2xR684i9DfPLqVTO-9X2wudLgMj3MFxwuZvFWA9EZ-g8n2ooEYlaTFb20aLvXEb-flVeTL_iYn3TQ8TaKvKnP_vGh98DiJFeFxUBUyVCGm1Ipno3J0B2f1ZQme4HWfn8pSaYwz3hWvcUs-5kDLNPtjtkzQJ5RqpY_t0eMuey5L7_wPmD_7W9_5FaFa1pnvpEiEhOnpdTivgdKK7BJFPygRDtb1wxZ8T5isqJDaflBynzXItooa1zcUEv71guaF7CBxwdGLOM1l8CrIeOECl5yA2o8Q4MZHaSxWULXSD8y7aKVIV8YE40oOZ03rgWU94n7iuwgFBwFEtMFYpgtSXlFaDmEqmtyMCGGqFVSZz3gemDH5RmuYbljub4rDiA5Koy3_F1zcwHEr2SNwPNlt-q8d6uqHl-x75o3B6zkbkQXaDnbfIeLa-cW1ryCUcnhuYYZf5zJnfxmEhaIBEz2dKWW_BwyHmNbEhgyitLCCpWT2jkqQP2IT4uUFCKs89CRicWjogZo3i7ZBfFx5P7GuVPCwRj2XFZPTIKsuqPQIBwe_jZWs5ODwD6aMdx0TypZYPYdLbTEVskGegIqqn3VQEWNTp8jTxb3tDgZq9hv0gqzQvWtW_PlEobtioe_yfNwgq_V0yb7yCLzboCBLcpNxKjchIcgVRuKGapi3QlFHK62_K5iA70jqDSb_Ddoi9iZOKX8pn8XBfS2oSbHiEEl3KMyLKoWx_pTgnZugjSNZG0F2ivuZ3Y0RJ1w1GnTaYUPPZtU1giBABg0Yyfw0M-w8Fr4Dxf1Iac7o4MuLjIXRZbdzGTnWZhr-VsihdljjfM3GTu49lANm93nFHuGz9rjZqeURvsa7UTxUJQYkn-PdeUAMWsx-p-bzkFKLJr6jt7o70Q-zvx5b6nX5NjR4YnvQzlS40dorxWJZBmmgBSPJ4L1nL1V1koyo28fP_cAkAU_DJpPuxNSr8V_hWIw3E-6ZZnOJVdYPusSfJUbYCL5ZpYVHFVgWNtrfcZ_axHwLaO0aE4m4NHuk7EysELNzr9lqkn81f3kY5DZpW2A9Ux4F4TXBvCvCc5WnYMrzdSpad6tiPUKahyFUA0uNC8_uaPgDQg3ncZBIApWJCXtPDJ-BQPUQLDZzBU3lU_xvAek31itApiHpfVdJwEh_r_v6AJv4D2ITYINmPYDhq7aRDS6Ewq2QrQiu8cUN2aytlvxeEBg6NMwexBFDJCco7Q9Seqw76yiVAzDWvnJ3yVMi-Nq0vwiojMJ5BqKyLVaPdPcbrxN5TyZ3Z_oQ-JLsohqrdeKSO2Gi7Q01re1iKHH6OzBFK-MLux-xUjq5Rg60WbnyieR5OOxXlGNFa5gke9nUCfSdfYtu-p0IgGOI4sqlh621DZAQR4ePPTm9axXEPDjm50yD-oMb_LqGlI5XuqfRjWVIXXqX1FyJl7KSUPftqZSth6n3ZYvvx3AfEZX21uJnhWwSRc5qI8yKVwQ-5F2G7829bCmW0uNB05uwVbDH_LiKYf-CIgVFsppY_9GyjUJQMRQtXl-ki1wj1wzzAXAnARMeGn8XcKIghpxI_iiveFkVDW3ia8gP-V0BrWGkAV5XtY-2Cs9zEgldH64ybuUGWbUO9W9Vou2YlrLfWb5GSRy0BVwa0t7_mzCAeskE5kFv8oOdkELGO2aPD9vn0gO2HwP9pl21Inp9ONtD9ODHdonDych_rvcNCt5y0FSql1BDBjnkiiNlVyvH1S5w04cTZXyYka0olVRRiyjWDtTmJ4sf3ecwD5gnBDnwkTz-h-l8XsrWxrNHC2EwTaA9wNnQi3TPbdevrc8YSnfkxH_265Dr1YjijH9SDiZIEyJ17nsQWoR1qSIneI8-7cyfPIK-wpUNpoQVSH7J5JZbhcK_Z2j3778MRMICAEzPOs1LfMX4MxVxmWua5s2TqLWzVN2EyWId5_wfByGB_x_g9Sle0kHCymF2q5LhzIzqctOJ0t8KUGXnGYkhtWcCwzCiWrhICT4V89wmh9YNnkboQCP-SXt4g6SjKyJwbcmfTz3rV8cwJ3IgM8aHMJ7ENozxBKGMroVZ7446V6v-gzqui_aSC4uusluBp0EPjwSx3sGjekvNLOT8mpuwpepJUrFKt3ldFwATxiveK1ekqRvXJDP2bR30wSY-d9mxoAFl7abG8ikSrnE_EIt1phgXzN8C7b2NYxL03T__7qq0Ot-ianM_5OAydY_FnBuc5mEg8qSwLBFvLQOmnc4FFjFSpTlQKgX--QW5yu3A3V4saXOVraMPyNd-V2GNR_2nf9rFItDg&cid=CAASBORoIFM&rfl=1%2Chttps%253A%252F%252Fpowershelltutorial.net%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:09:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:09:53 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame 0AD1 27 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10539
x-xss-protection: 0
server: cafe
etag: 1532328290632562463
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 23:12:35 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6446 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 04:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 04:50:03 GMT

GET
DATA 200
OK truncated
/ Frame 6446 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 570b4c96a33fc8d7db6e7cc80af35b14ce763e6d3016ba03bd0bba3d487e107a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AD1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&slotname=6390426371&adk=1865869767&adf=3343277370&pi=t.ma~as.6390426371&w=420&fwrn=4&fwrnh=100&lmt=1654125358&rafmt=1&psa=0&format=420x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358148&bpp=1&bdt=1382&idt=103&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x50%2C420x280&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1165&ady=646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=NGQlIlkiox&p=https%3A//powershelltutorial.net&dtd=106

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 04:50:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239155
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 04:50:03 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame ED1F 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 132954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 10:20:04 GMT
expires: Wed, 31 May 2023 10:20:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0AD1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ad203ae3d4ff2bd663dbf2a1ec71916d4a19c63eddcaea7c738c06eba159578

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/ Frame 4990 113 KB
28 KB 30ms
16ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

337f6a5456fca744a0de5d36eaba1bf047b9603d2b514929da73d39d0f9739c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 28831
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-richmedia-studio-eng"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:58 GMT
expires: Thu, 02 Jun 2022 00:05:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6446 0
622 B 86ms
50ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2FLmDB3scUVVaTfwjxKFVHENqY1hF9VaD3zAbnl8jApXLANm-nZv0NpSHSL1HOJbedZP1xmKhdFYtVP553C2RoPJWYlyekXwzJ9t6ndV1yVVKhyp2Y8fnfKstV8Xjnd2RMlKKrBdKpi47qwda6oyDYLxhgboTDX8ozDoEF5PKg8bBFWEHworv7os8082xHvL4EeVgQAWp5_mZQY19OhkkKQgLFU6l21W3ZuAwJT3LMbQo5RdEMct5AnRIUQWa-g9BruxSG-bLg_r5Ja6N55CPgsloHjbkB5noqSohVB7ZpDsZVrISizQNopaWqcUHCe2QGF4ekYZqbAy5KP4Tf4Xw2HG5gg3k590kOO-fSkMcCyT6DwR0EdwNlV7d3CloxMofJHh85S0swDgqABkcGXPbhHur6GfDFWvz7iLJb2adlDk_EBRSf-XwtndevbYaCfxncwI1fvRFulJxP3c4akR0LUj5w0M6RZwJ1IqfxExPh1Yb6YCijBkUC78EhpQaoo3EwqjAsqG5NWxRPj5X0waTb83psiIPhb-IwVXTjEgPdoJdtCAtlj3kLlmWjeOJklVCcI5QD0TG58wlPjK36tye4-ADLvglfnyGNXlvBOXYFo7LJA6F6s7VhtRKlXqCmRRXsmEhrU2qGgrxDoa6mKV-rnZ7hNSH3mST3kgCPbDkZp4tX6hMZjSzSdNvXRlUtLhqgbcpHn04Nj1zkssEm5NfDixoLBlxpVcqk8s8R8-D4b230tp1RzFB6tCyn7RSsYUaw46B_iZ6cLXBBVn0YTbDRlz4LWUbjzAHfcqw2JZxJrszkJKDn7KdE5YNBQN0U-vFumjr7GBKi4Gey5xT4Mm862SSL083HbFzlX88y291mngdMzMzaFtPB8Uwjr5uCqD6zrbZ9QOng4TGOPUCkW8Xuw4rQ1_zWu1mGLIGlFYXhKD4Iar9VH_3P1KhgI8jrvMD3YnQaaBx6eC7MaKY2GOLV0taRIHlHS7qKrISD9Q_nkFp6qZT00tR60-ueu0SFw8aBv4tQwezE9ziQOwRWAa1BZSAgz_DRkV4nncZuerGkWYd96wDkKKh5w3inxvaD7H2rYhfVi6Zo-uLH56WQGn07kTU51oDvvZane12FZUJTw5Acg9qWIauiK2Oztz6VDyOF0R8kXBNiuA3fr9-m51zC1q5_IyhOdUpakrGXuWkt8AICWibkb7SOPrMs9MYwVHI8S7SeVnvhaAny68il_icUUd0Pswwhp_h-XAX95YNEm020VOGjbnOS0r0CTyw9C2xOVg&sai=AMfl-YSh0cnDYUc326ncYZuAwQtgVEto1Z72B7ERm017YrYs3XDt3CVyTlt6zwEfT5bqtiKHSF7Mq4eQFFqPWODmjVJO4IRazgwKx6Mb-KV1UJfhadzjxZkZFFOJzoyj8bHXhBJO&sig=Cg0ArKJSzPKhSg1l8NRMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=153&cisv=r20220531.57556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 01 Jun 2022 23:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7623 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 132954
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 10:20:04 GMT
expires: Wed, 31 May 2023 10:20:04 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/ Frame C204 62 KB
16 KB 17ms
15ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 16856
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-richmedia-studio-eng"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:58 GMT
expires: Thu, 02 Jun 2022 00:05:58 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0AD1 0
64 B 76ms
51ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueXTVCy8Pgbkch3CbyRPZKkULKwayTBAtTmeuASW-01OQ8I7i4kDz-u7OZPcpivaGcOOC70e46ghu1cWzgoDm043Lod9XTY3DyuowuIN5Ru07TYpE9eFL1UlNutkzw-7j4YGdaM6qoZwIhrqAn4XKtCpez3Lk6smBk-yDym227BuGW0v9DVRH1Vi5zjLXLc-LAHvUXj7C4smsDTkJTXxLhSl0nOPTSHaEWPUE4VpP--KbqeV6rwvQJNpN8uEHWULyOXyhvUCKtIk4w8vGKCFGz9mNIy5r0AQKpy4PIVmUn207ylzXoTcSmMHU1_cIf1BHR38eW96VWNcOIuuRpWPrnjEVWsU_JVlQ2dg2GKw2lL4h8HIEmmJwI5Gsj98vF4ewAthBwBd_0hBNdxLu3PC9K1C7PLyvje4qpEodOYMVFUqvO8JEIv9PwrGEAK-xL9r2JLj4n2__nIQ06K9o92sQWmEX6nofLh3pPqDgHzQfB8KFhh_BqnyVTf0L4QcVbvFcmJ9ZuYVosbg1u8Zh7hduFBXkZCy-dhIlhCoTsDM_koQDmNTu9XY-orhs1C8NtYGOtkxb36FiEqQWFKTKqQJ513Tyf5NSDqmVe-xSqXS7OoAnVB01biFlbVWLavOZHSVCvlsHTGkHA71kW4KR3Q40K1PPs64V8x49AQPETQl7C0ugEOwUN0YoiyQMeE7Y38f4LN1nYoUvc8tWATyAadjnfYzqByI4ciIWnkWVijGgC_22L62Kum3gDre-LCM-dMK5MAM4bvyMeTtV3X7hrCg-FD4taA2mkSYLPu818O_l7d3ljw89Iue50ueKQ_DnLVeN8zOv-fHhW6t2cvazu4EhTybs1a0jC0j-j8KzZanbY6nDy-Jw4byF3MVnwFNSKvwMmIP78mmD9LQmexd4Xjy3VJVQPJ5plGZyFJgLx44A1_O5kDZrLnppTutgXBrNCIVgtRfUI6-PRK9_6tBIAgt74nzFwvV9h4sqxaRrCk6q7EBHeDC8hlUwj-79pOOssBh0nKjULYgAWbve73fhiZJf4ncXuHltVnYtBvYtDIxOt0ZgYOR7jp5tu2q4IsTz5YhImVHg8RPKcMJ8dPafDMCrYCSohNnKlfnOQfIXLyo2Pe1f68sQdZ4vKGwUqs-hIb70CFPcg1xEcEPN6Q-HA-crmox0j0eNfjZESuLhzasbxfHTxlrrxfyq-o7BJyUUSBN6EWbFLDw7vi8tdHOchmcOL2U6j8P2LWChRjPNQwpSpCbGKRDCz9oIPTegMrfznfET8W6xVaCk0A0K-V3sZ&sai=AMfl-YTRBPxSrx-eZ8gZSV_rt8Ss7ka1gvOg7Aoqimi9M_v2Wl7-YKlpM26OVSW_omO-wj8FPJqAzCS6QRrvZI9hegItXNXaNEJocFRBnAEHRI0ZHs71wl2wEVqyvvbW2sNk5dFp&sig=Cg0ArKJSzAFkQL_-wizeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=154&cbvp=1&cstd=150&cisv=r20220531.05304&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 01 Jun 2022 23:15:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame ED1F 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 16:01:15 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C204 2 KB
537 B 29ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:28:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 23:15:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H2 200 gwd_webcomponents_min.js Show response
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame C204 17 KB
6 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5622
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H3 200 Enabler_01_238.js Show response
s0.2mdn.net/879366/ Frame C204 106 KB
36 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_238.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 10:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36751
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 10:03:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4990 4 KB
659 B 28ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9f01d5bd205a636623a907951acc43edaedb0113d21d9876be7157014e284b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 22:24:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 23:15:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H2 200 gwd_webcomponents_min.js Show response
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 4990 17 KB
6 KB 33ms
15ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5622
x-xss-protection: 0
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Jun 2022 23:15:58 GMT

GET
H3 200 Enabler_01_238.js Show response
s0.2mdn.net/879366/ Frame 4990 106 KB
36 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_238.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 10:03:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36751
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 10:03:54 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 7623 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 16:01:15 GMT

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 4990 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:18:51 GMT
x-content-type-options: nosniff
age: 89827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 May 2023 22:18:51 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4990 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 216491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C204 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 216491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6701
date: Wed, 01 Jun 2022 21:24:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 01 Jun 2022 23:24:17 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0AD1 0
26 B 58ms
42ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsueXTVCy8Pgbkch3CbyRPZKkULKwayTBAtTmeuASW-01OQ8I7i4kDz-u7OZPcpivaGcOOC70e46ghu1cWzgoDm043Lod9XTY3DyuowuIN5Ru07TYpE9eFL1UlNutkzw-7j4YGdaM6qoZwIhrqAn4XKtCpez3Lk6smBk-yDym227BuGW0v9DVRH1Vi5zjLXLc-LAHvUXj7C4smsDTkJTXxLhSl0nOPTSHaEWPUE4VpP--KbqeV6rwvQJNpN8uEHWULyOXyhvUCKtIk4w8vGKCFGz9mNIy5r0AQKpy4PIVmUn207ylzXoTcSmMHU1_cIf1BHR38eW96VWNcOIuuRpWPrnjEVWsU_JVlQ2dg2GKw2lL4h8HIEmmJwI5Gsj98vF4ewAthBwBd_0hBNdxLu3PC9K1C7PLyvje4qpEodOYMVFUqvO8JEIv9PwrGEAK-xL9r2JLj4n2__nIQ06K9o92sQWmEX6nofLh3pPqDgHzQfB8KFhh_BqnyVTf0L4QcVbvFcmJ9ZuYVosbg1u8Zh7hduFBXkZCy-dhIlhCoTsDM_koQDmNTu9XY-orhs1C8NtYGOtkxb36FiEqQWFKTKqQJ513Tyf5NSDqmVe-xSqXS7OoAnVB01biFlbVWLavOZHSVCvlsHTGkHA71kW4KR3Q40K1PPs64V8x49AQPETQl7C0ugEOwUN0YoiyQMeE7Y38f4LN1nYoUvc8tWATyAadjnfYzqByI4ciIWnkWVijGgC_22L62Kum3gDre-LCM-dMK5MAM4bvyMeTtV3X7hrCg-FD4taA2mkSYLPu818O_l7d3ljw89Iue50ueKQ_DnLVeN8zOv-fHhW6t2cvazu4EhTybs1a0jC0j-j8KzZanbY6nDy-Jw4byF3MVnwFNSKvwMmIP78mmD9LQmexd4Xjy3VJVQPJ5plGZyFJgLx44A1_O5kDZrLnppTutgXBrNCIVgtRfUI6-PRK9_6tBIAgt74nzFwvV9h4sqxaRrCk6q7EBHeDC8hlUwj-79pOOssBh0nKjULYgAWbve73fhiZJf4ncXuHltVnYtBvYtDIxOt0ZgYOR7jp5tu2q4IsTz5YhImVHg8RPKcMJ8dPafDMCrYCSohNnKlfnOQfIXLyo2Pe1f68sQdZ4vKGwUqs-hIb70CFPcg1xEcEPN6Q-HA-crmox0j0eNfjZESuLhzasbxfHTxlrrxfyq-o7BJyUUSBN6EWbFLDw7vi8tdHOchmcOL2U6j8P2LWChRjPNQwpSpCbGKRDCz9oIPTegMrfznfET8W6xVaCk0A0K-V3sZ&sai=AMfl-YTRBPxSrx-eZ8gZSV_rt8Ss7ka1gvOg7Aoqimi9M_v2Wl7-YKlpM26OVSW_omO-wj8FPJqAzCS6QRrvZI9hegItXNXaNEJocFRBnAEHRI0ZHs71wl2wEVqyvvbW2sNk5dFp&sig=Cg0ArKJSzAFkQL_-wizeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=320&vt=11&dtpt=166&dett=3&cstd=150&cisv=r20220531.05304&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powershelltutorial.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powershelltutorial.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpowershelltutorial.net%2F&tn=DIV&cls=menuVerticalParent&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpowershelltutorial.net%2F&tn=DIV&cls=menuVerticalParent&ign=false&pw=1600&ph=1200&x=0&y=139.2

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6C54 116 KB
32 KB 160ms
160ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&adk=1812271804&adf=3025194257&lmt=1654125358&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpowershelltutorial.net%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125358846&bpp=1&bdt=2080&idt=0&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280&nras=1&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f371b34a756788194627c940ec0f2d883ead7fc03f75ca609e15b4e886a1190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32255
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6446 0
26 B 43ms
42ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv2FLmDB3scUVVaTfwjxKFVHENqY1hF9VaD3zAbnl8jApXLANm-nZv0NpSHSL1HOJbedZP1xmKhdFYtVP553C2RoPJWYlyekXwzJ9t6ndV1yVVKhyp2Y8fnfKstV8Xjnd2RMlKKrBdKpi47qwda6oyDYLxhgboTDX8ozDoEF5PKg8bBFWEHworv7os8082xHvL4EeVgQAWp5_mZQY19OhkkKQgLFU6l21W3ZuAwJT3LMbQo5RdEMct5AnRIUQWa-g9BruxSG-bLg_r5Ja6N55CPgsloHjbkB5noqSohVB7ZpDsZVrISizQNopaWqcUHCe2QGF4ekYZqbAy5KP4Tf4Xw2HG5gg3k590kOO-fSkMcCyT6DwR0EdwNlV7d3CloxMofJHh85S0swDgqABkcGXPbhHur6GfDFWvz7iLJb2adlDk_EBRSf-XwtndevbYaCfxncwI1fvRFulJxP3c4akR0LUj5w0M6RZwJ1IqfxExPh1Yb6YCijBkUC78EhpQaoo3EwqjAsqG5NWxRPj5X0waTb83psiIPhb-IwVXTjEgPdoJdtCAtlj3kLlmWjeOJklVCcI5QD0TG58wlPjK36tye4-ADLvglfnyGNXlvBOXYFo7LJA6F6s7VhtRKlXqCmRRXsmEhrU2qGgrxDoa6mKV-rnZ7hNSH3mST3kgCPbDkZp4tX6hMZjSzSdNvXRlUtLhqgbcpHn04Nj1zkssEm5NfDixoLBlxpVcqk8s8R8-D4b230tp1RzFB6tCyn7RSsYUaw46B_iZ6cLXBBVn0YTbDRlz4LWUbjzAHfcqw2JZxJrszkJKDn7KdE5YNBQN0U-vFumjr7GBKi4Gey5xT4Mm862SSL083HbFzlX88y291mngdMzMzaFtPB8Uwjr5uCqD6zrbZ9QOng4TGOPUCkW8Xuw4rQ1_zWu1mGLIGlFYXhKD4Iar9VH_3P1KhgI8jrvMD3YnQaaBx6eC7MaKY2GOLV0taRIHlHS7qKrISD9Q_nkFp6qZT00tR60-ueu0SFw8aBv4tQwezE9ziQOwRWAa1BZSAgz_DRkV4nncZuerGkWYd96wDkKKh5w3inxvaD7H2rYhfVi6Zo-uLH56WQGn07kTU51oDvvZane12FZUJTw5Acg9qWIauiK2Oztz6VDyOF0R8kXBNiuA3fr9-m51zC1q5_IyhOdUpakrGXuWkt8AICWibkb7SOPrMs9MYwVHI8S7SeVnvhaAny68il_icUUd0Pswwhp_h-XAX95YNEm020VOGjbnOS0r0CTyw9C2xOVg&sai=AMfl-YSh0cnDYUc326ncYZuAwQtgVEto1Z72B7ERm017YrYs3XDt3CVyTlt6zwEfT5bqtiKHSF7Mq4eQFFqPWODmjVJO4IRazgwKx6Mb-KV1UJfhadzjxZkZFFOJzoyj8bHXhBJO&sig=Cg0ArKJSzPKhSg1l8NRMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=364&vt=11&dtpt=206&dett=3&cstd=153&cisv=r20220531.57556&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:58 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 prod_studio_01_238_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame C204 31 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 10:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10829
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 10:03:56 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1988243107&utmhn=powershelltutorial.net&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utm...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107&slf_rd=1&random=4153357481

42 B
501 B

49ms
22ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107&slf_rd=1&random=4153357481

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-39345382-1&cid=1068015053.1654125358&jid=952446340&_v=5.7.2&z=1988243107&slf_rd=1&random=4153357481
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 prod_studio_01_238_configurablemodule.js Show response
s0.2mdn.net/879366/ Frame 4990 31 KB
11 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 10:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10829
x-xss-protection: 0
last-modified: Tue, 11 Jun 2019 21:21:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Jun 2022 10:03:56 GMT

GET
H3 200 12681146202208504861
s0.2mdn.net/simgad/ Frame C204 12 KB
12 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12681146202208504861

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1f4ca40cd6f3919d52a2a1b5e9b29b37adfb59a722faacc8e04047c3f22554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:01:44 GMT
x-content-type-options: nosniff
age: 90854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12085
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 13:14:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 May 2023 22:01:44 GMT

GET
H3 200 15663363121545611704
s0.2mdn.net/simgad/ Frame C204 554 KB
554 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15663363121545611704

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d48b2a315acdb6d4f48a795f3c064c8106246bcdb425d4f27d738f6a245a987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:01:44 GMT
x-content-type-options: nosniff
age: 90854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 566895
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 13:14:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 May 2023 22:01:44 GMT

GET
DATA 200
OK truncated
/ Frame C204 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 12681146202208504861
s0.2mdn.net/simgad/ Frame C204 12 KB
12 KB 6ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12681146202208504861

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e1f4ca40cd6f3919d52a2a1b5e9b29b37adfb59a722faacc8e04047c3f22554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:01:44 GMT
x-content-type-options: nosniff
age: 90854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12085
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 13:14:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 May 2023 22:01:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED1F 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_jSnLvOXYo_OGqLP7_UPpYSI-AoAAAAAOAHgBAI&bg=!y8ilyIzNAAao8wy8iPM7ACkAdvg8Wr3mLsMlNdVv7RxwyHhxLt6AsZA3rOsJNFHjlUbVDhIpbnNAtAIAAADkUgAAAAFoAQcKAD3prjpXruJJsDkgQWvSLSJUi-ASGEbv_g6nerD-vOAydqGK07dRh1S_I5R8jzF8cusY54slRzyEzET0AIwXmQMidNEuCL0h2Yky02xYNGPO5qH3xa7KiJ7DN4h-fLgNOe2L05Dho2tYuoMFPVss6nMSfExGgKycqrT0bb5QNEUKgG3E-zSOYMdBJTrNYnvcY8rLYZPaMiyisMUFig8MCxQ2DQLezK6Ao6dVyDV2bN36AX3mwnCed2VP-MQEQUm3VGQpSVN_C8jEr7K67KjuyNEAsXxjIssP5zuDcZgWiWoe4W9eQjj2i0yPw8R0GT9D7G1ZzF4PDdR7fBC3ykusHGE3w0GyEUZRcYqLilNZnpRQ0EEcvg8-wlxMmonwYrSO_JYXR_p1h4ZhTBR2a2eC23QGukTgGrRfkWQEfpgAtYnKLOcR-GHDYaJfZUkHtgujSS8ex882UrP6_MYzTKpAtaoOy2pKfgxqEtrROPlW7u2pMInhkqZg-j07T7VPMY5tTeNsp1BzYRP_LsJLndYoRJ2hEoi0mCrzHBjjRsyb_GaLgdeVskqbbrX3kw0fTrbFYWW0ato3rZhCWSs52QEJyQxOS17QZ_ys-OoRKa05tQ9R3JbFrldBNVxE1wZx3r5v2ZV5ViEBGlHjlrbk_3_tHlfPd9thx2HIQAoLBYypxmqQDREAzcM4T8o2kvH659pXoK_2hmegTX-DYfCKEv1kPvuxgUhMwA4d0CSw_GDHRIrw6YABZPMFk4YtsHQdNraLWBvtLWzJGpY-DICj1yzpo8XTp9BVjbKh0y4cALZIri5C5V_0M51Gk2-TgEp7eiOtbfHe0-KAWNoqLlAZ58-3cAdE-E5vb2H3qs3S1cr1mm_uk-05PqnsdW-VPEoY1aa6XTyJWzZuNpYDUa2fTfF1eLK7VazSrVPpV8HtobzvZ3AsKm3tpytceYG7olnuvEYfz0-VqcK382thGZYC1MTIesExbZ5idcbZx7k3rjoZVKyJSGEPTt6bLdLeL1Y6fUoblkYkFn6mbGyJen2mfZz5M1kFO9WXLiK5OAOWadQh1yGevdVvExRIVoIerNZVeNh6P7IuZ7Em8l1stojbgUDRNw2ISkwXM5zY4DhOHoKHR_L1f3rLw9oE_6l4deHbv9EmlgEAsA

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 arrowIcon.svg
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/ Frame 4990 429 B
279 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/arrowIcon.svg

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:14:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-richmedia-studio-eng"
expires: Thu, 02 Jun 2022 00:04:54 GMT

GET
H3 200 13346753924180920766
s0.2mdn.net/simgad/ Frame 4990 18 KB
18 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13346753924180920766

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d6658b8d9739e05913d25ba6fb2769c24fa0cca68c4fd1ecccf2e769ed59a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:01:40 GMT
x-content-type-options: nosniff
age: 90858
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18250
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 14:22:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 May 2023 22:01:40 GMT

GET
H3 200 2019811762083997489
s0.2mdn.net/simgad/ Frame 4990 554 KB
554 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2019811762083997489

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d48b2a315acdb6d4f48a795f3c064c8106246bcdb425d4f27d738f6a245a987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 09:36:55 GMT
x-content-type-options: nosniff
age: 394743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 566895
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 14:23:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 May 2023 09:36:55 GMT

GET
H3 200 15663363121545611704
s0.2mdn.net/simgad/ Frame C204 554 KB
554 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15663363121545611704

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d48b2a315acdb6d4f48a795f3c064c8106246bcdb425d4f27d738f6a245a987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_blanket/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=TTRa6Hqezc&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:01:44 GMT
x-content-type-options: nosniff
age: 90854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 566895
x-xss-protection: 0
last-modified: Mon, 28 Mar 2022 13:14:55 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 May 2023 22:01:44 GMT

GET
DATA 200
OK truncated
/ Frame 4990 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7623 0
20 B 50ms
50ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4VI4LvOXYr7PHPaT7_UPvrOegAEAAAAAOAHgBAI&bg=!paalpuLNAAao8wy8iPM7ACkAdvg8WirYEFRsgepWnJ-Dg7V8B1CoDlpJuz7yz2U1zoklbzgNAZRFqAIAAADkUgAAAAJoAQeZAx0_63_gba--4tjQXDEs6eAHRmmGiPKo2aL8FiULiYhGd8iYPYR7Juhi8jj5HD30A-tInIC8juxv2Mfb0DkVxLvSx-5a40KfMv23zS0QYL_C_h3yfVjpyz6No8Zuew5kC2ngsmJOnMNDxJj1UZKlYR60-2X7NE8W4dkWO2DFcKsbkC_ORL5Wi4Yr72Pf2oXscHkuTOXOSRlABMULNQJbDrMPMvsPHgbwS1Hr0PcVm8JE8B_Guhzz8RAKUCALvl_xTYHBrPlY8Arb1kU1G_Bmqsomnn0Vss_8TMguAGRvEWOwt5Oe3R9GsZR0xdN8L0OQ_KXhDgKoPj0Jk_6ptJbhrcHEFCvj2ctytkXHddNxDFMaKsF_D7-zuEK6wiXLwcwQxRmrSpROtCLi6OfxITNbqxNV_hjBcI-qxvVNDBOcLbHaKfkzsvDO2PmyGRzuIF7XdfXIUI8NS2hNvaUGiwKWBhEOW4betmvCuYR9YYFiyJVgPT6Xx5iao2WngzYhYptFpDa8DSZ-qIbT-34TBh4qS5dz7chaCqnuL57ePTDWkIxgrfog_dRSXQqVTb2QBai6DMGr1Zi5k2I05GNjueLbe__q_kwxK-kZdIzjXOmjkivUofK4a3nf4MNrJgzUapHjjJLXb9ZVR86Sk3KKB_zmLnVLMRj_7cSnmfQZbYxGPtWUE1rZ5doraa9Ix1tNYjPoIZbC-ZTOBvcExoiQinEobF5pBpea6u1k9Vn1G_9m7fQGDgNckOb2L43QcLWELg3av9sxWEYW44PKJ2RM8wHjKFsZowrPvV6dp6jRdUJUlG1mfgoUONMIGQvrrTx7VrvXGPNf8Qz7oDDDD2hJqzsrUT28sb9WShjtEhTRsUjiWSx6XnmJdcu4Syl8zU7LqKUMjgrFFXAYxReM5_kVbV2GCOI4LlP7YvWAbBjpkaAi8VoKjLVR3ZrnkC4F0JucgBD6BieVcdYbOsNPyb4Td-XQYDqnjBPJmwvCwGrL-X1Ea0oTLorx8lF5KCE7e-Vg37RQdKsykpyuN6Z1W8iE3ABUY4j-HJ7LdZLj6oQILANIBA

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 13346753924180920766
s0.2mdn.net/simgad/ Frame 4990 18 KB
18 KB 11ms
10ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13346753924180920766

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02d6658b8d9739e05913d25ba6fb2769c24fa0cca68c4fd1ecccf2e769ed59a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 22:01:40 GMT
x-content-type-options: nosniff
age: 90859
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18250
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 14:22:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 31 May 2023 22:01:40 GMT

GET
H3 200 2019811762083997489
s0.2mdn.net/simgad/ Frame 4990 554 KB
554 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/2019811762083997489

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d48b2a315acdb6d4f48a795f3c064c8106246bcdb425d4f27d738f6a245a987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V1/index.html?e=69&leftOffset=0&topOffset=0&c=jyyQFZmcu5&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 09:36:55 GMT
x-content-type-options: nosniff
age: 394744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 566895
x-xss-protection: 0
last-modified: Tue, 29 Mar 2022 14:23:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 28 May 2023 09:36:55 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/ 147 KB
52 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53fc2056d4ff9a9d5f452f716697f90a4afb09384fb999a327a71c04062e8e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53674
x-xss-protection: 0
server: cafe
etag: 18224459424195684036
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 23:15:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=powershelltutorial.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=powershelltutorial.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4ED2 73 KB
24 KB 184ms
184ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&adk=3840153724&adf=3739818646&pi=t.aa~a.2138233492~rp.4&w=853&fwrn=4&fwrnh=100&lmt=1654125359&rafmt=1&to=qs&pwprc=6911098237&psa=1&format=853x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125359068&bpp=2&bdt=2303&idt=2&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280%2C0x0&nras=2&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=aYFxVC88sA&p=https%3A//powershelltutorial.net&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c79c136450a03e071ef8902bc6e53f2b45cd0078bcdfc151e75dd262705a588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 24229
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/ Frame B0E7 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36025
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:15:34 GMT
etag: 1327746537699501093
expires: Wed, 15 Jun 2022 13:15:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame B0E7 4 KB
633 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:25:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 23:15:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 23:15:59 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/ Frame B0E7 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 21:01:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 1301743315790764339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:01:32 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame D611 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7fdfa58b30ccdefdd8f99a40cd0c78aecb8e858b5256d07fec8eefa95518a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 21:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
server: cafe
etag: 3385757330471345920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:18:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D611 8 KB
714 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:25:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 23:15:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 23:15:59 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame D611 14 KB
3 KB 34ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:23:39 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame D611 351 KB
121 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123888
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:23:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame D611 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 22:45:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D611 0
0 29ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTndBOyNdZy_8cfvqVyCsTMytYde6od1xwifx1e5stMGeRoCZe-8FvnrvXLaRkYlOvxvNmhoGE5TXbC7P-yMelV8sTYVg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame D611 0
327 B 96ms
36ms Ping
image/gif 2a00:1450:4007:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l3w7j3pc&c=3169641559927&slotId=1584820779963.5&qqid=CKTzt5OxjfgCFZ_HuwgdK-kHKg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D611 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CdD6ZLvOXYqSkNZ-P7_UPq9Kf0AKd94y1aefY2qnbD7_oor3AARABIN26iwVgleKQgqAHoAHxmpeaKMgBBakCh2oChK_fsT6oAwHIA5sEqgSyAk_Q7JpBBUC0Uzr4wwJmtMucl19NVjftzv_p8xctq7uMCXBQpB7mr2jzBKUIF4jA5xfvPtwLmYcVAzkNPuPKE78JM4EsYHlsuJws8hALjUbf036Hq5eAOr7-7BsjYgR3rfi4JxgZBmNsuQGKARQPF8ouem75BJykyuP-ZcRqx3kWtJIxdcFHtZkzdloDb1veZwK4YosBRLkf-6RSvtheIw7goLprP6Otwq1fuXyyKWJ8mRRqYaLi2WXnBdsOvZM9m2017RMigfMLZKeWNngSu1-yQr0icAIoSW-nX8NW3hBnm_0IY7lZ60KgjQHRF7nSfJyJVT6dtYMOTKvUeJIALP6Nxt18kaiPCDe2JBTxGN8UUTa3lwHOQ5U90S4GQ2O__BfejZoKxt4uPq0BP7g7utYGnsAE4cWLue8D4AQDkAYBoAZ2gAfx0uf5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbAT2vDhDsgT_4ri3wPQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1654125359238&ai=CdD6ZLvOXYqSkNZ-P7_UPq9Kf0AKd94y1aefY2qnbD7_oor3AARABIN26iwVgleKQgqAHoAHxmpeaKMgBBakCh2oChK_fsT6oAwHIA5sEqgSyAk_Q7JpBBUC0Uzr4wwJmtMucl19NVjftzv_p8xctq7uMCXBQpB7mr2jzBKUIF4jA5xfvPtwLmYcVAzkNPuPKE78JM4EsYHlsuJws8hALjUbf036Hq5eAOr7-7BsjYgR3rfi4JxgZBmNsuQGKARQPF8ouem75BJykyuP-ZcRqx3kWtJIxdcFHtZkzdloDb1veZwK4YosBRLkf-6RSvtheIw7goLprP6Otwq1fuXyyKWJ8mRRqYaLi2WXnBdsOvZM9m2017RMigfMLZKeWNngSu1-yQr0icAIoSW-nX8NW3hBnm_0IY7lZ60KgjQHRF7nSfJyJVT6dtYMOTKvUeJIALP6Nxt18kaiPCDe2JBTxGN8UUTa3lwHOQ5U90S4GQ2O__BfejZoKxt4uPq0BP7g7utYGnsAE4cWLue8D4AQDkAYBoAZ2gAfx0uf5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbAT2vDhDsgT_4ri3wPQEwDYEwqIFALYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame D611 28 KB
15 KB 108ms
50ms XHR
text/xml 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CeibikaAKVUeWnqPW0dsNeZpMcAuhX-uQH3OZhcXUHWP34y0D8PEjzkZqP83FUXALv0TLWIpS3QrknVLd4kilC31JLOA&cry=1&dbm_d=AKAmf-CwDVbGyMnZQb4Sp_vu1v0I8TbX9KzYvGeRdpK4MjI2nSkPZGSJKHEqzPuhLCxgCCqTYhtc-AShir5NFUMgavfeLhvwpK8zCzS7Byw8IUTnW-EOxRbFbW1eCv4thP5WiZLC0RsNfO-V9zrFZT38IOy85t5vDgTNnDdaqK5mG0bf2z3oh14_KmaMC50iFFcQ_T_pfN04EhfquOvIaGy9JOQUMAKz3PtzBV1NyF5EbNHjNR7YlPBkXZVshw5cuoFyHlDgTnOs38-v17NYdgGIWZPY9Vv9667WySckuOx3JJe3sdfytj3gy2Rpu-HW3MVJxA6zNRE7Pd-MpyyuYZsxzbNWza8L7qjl73RAzahbKl2YG_BlofvnXVEP2ZMntdaBf9VyfM52l7iesEj2svwOtNrQZMJJfGMeMS30gxv55lg3ChxAA-VpMELjiJaGG6P5nXq505OusxWT88vaUS1CVSD9_LrpgxCoc1Hehbf1uoSpHhcwxUsypk7JnPeGvg5k0jMy88Aw8i1qvRprRpXHNdM03LaAHTuewQh8b5sJes0iScYM6VQcbxzFFY2dTz5QEjr8WuZ4Zp0PcqxX8D8Gtm9YbhAWqAEVdDRgOrN0MCt_cfhBI53G6fptD-sB_hIGrle3jWDfAW5T4xsaVopJcw92Q1bbcR3w7ykBKLKn91QAHawlbk2FUbW0HhuBcEjQAzqf_ESTgXWEyBpZ-5Ho1DlmRJ-BMDYaSJKwjiOaBeBpnCpLA2yRJ_vciVZJ_77d-OIPps1iaoqLMfP23zXJIpixBsnm1Mret6YDzuAktPvqE5aS2YjhtR5QoeESUoGwbfedCIeDiBpYtAJ9SFWsmAa9MPppuBuYYO175RmFcoZEKKOtSgT71IGiDmqxxEyQKudcwIUMHdw_woLE8e1vt9klxLfwTGOZzl_bkddy_LrpFMxr0ykCIrHioZrEMc0-A8kOr7yqsr4e7XV_rXLoFMIYgCRv2XDSIIkzd2NcnncgRjX7mQ4JcI-SAWfcpZnEjkVaQ9eAK6kQ1_vFsZMNAL4LsVzay0ENFAdqCk-xV_UYGbpUl8dSSlzCTp15uBFbf52HKbrnGmLWqrKIwA8VI8kXUlf3xgIWc7W99kWCROLvvmfRpimAuierqsqpzPc9gJCxG0vLgx7MTDlqmUA_u5l1LF-XSfp5mIV4VaEpSpWBNNR_m8jfdG1CqYG5L05qSOkkDeOVKOpHmhQPSraBwkXbYLlwPjHpziRTjt0nI9ZlJQQae47BnxGbP0THSSNsjfOmFwmPW_uj2Gz9qLG0WIPr_xOusslosRm7H39ZEnDKwLf_Boe7K76L2seadZwi_jSfRHANXAl0obT4zwfGrd39gfUOMCpH5NGfKe3Gsl-alN0NMR3JnTd4LmFWkIvtRDTCyxf6WbalsxfXcBossWNDAU1D1lS6CaWmwfQkSBFF_dh7fCaA8ov2oNYDdpJmrVJ8RLhVLEEE449kBry_lojRfxrj82DDdT3Hlm_m1oY_gQ6qbY8go42veYi-_TFKsyFVpntr4SjkS6Phes_oLYmR1I9WTpgXbV_4kkGH0qDH9UmDLo8h0aagrgbTn0B78lGEhY5Cb3WQ1wiHi47PTyyKpptmIq5h0qWk_yZGIG4Hgi91dHAsNd61ZfX4KC_5336viGGiGQsD-yJcfjQo01N0hVnZUQXeQJmQut55jJbeLviM5LKFL4mAOeTgrU4bFifjdQENCvigrxTDWNkVtc3IT6INax5eoAZcjjpzuVqj24B4QL5YpCd_UeRm6jMSZKspsK1xFG0E9inNr68ZdpTzkZuncel2RSvvreLZ8Odu0i2sYC5vHCQSz6o0c90SwOyx4laCHZe0Jfr67QkgR0RplS8eXXOwE8LfGtjd48us0MPY8mjip9daQwdrGc2tRdtUhKoZF8yoDJ2IvelJVy11noEbx6xLmehT4JdJZLrgvMUZQvXaCSjLzrM1yN0cyE9zEjPaQ0US-2o5EWF7aO6cX61xgn0QUcuDSG0kmX-pkoa22-H1-ew4Puk2eAlRlzB26MtYIvJtG2eN7dORQWMSVTQoWtmbQmb3k52BqTyJPWxsuZP7cspc-xp9oXiKAUY8gweZrBYJbhxBZpZeesyt4eANJTDeD0p1U4oUnH8bip1XybLlM0RlNLDDrg0vUyB0sLaqYJjTGpRJe0zB4MFdXQrHEpZvjluqGzgygwSaGc-1OjdTuMQvvfwFxP19-u8bTTE1Lo3IJRcAkHDskIHjJPa0ekWZ8uAM_wO6O0tPzJNAF861_LSYb9v_bqVwtz041tkW_aAYJrUYOc-PK5Cv0YBxoXa27f9BBO0_Zr9G4puNvxrC-VIk06rKTI2ZzAmYmchOcaGN7-WUdXguOan46iHxR01iSvXKSweo5Yiz3ko-MGepppYJKtCFDIYvZNwvRbwKnrHzIYPJ1Wwr8kuUvI27JG2kH-C4DYoBvl6QYBJoeosJ8zSaeGwNYmSm7TEMrKAbEvC775vgKxMTNI8G8ObISqDY7hoXzfh38B3PAitGwpsQRCCnqF-b0m5bROq0o5D_BWbyU6Nq6xsqzNFJZ7UAvV6szKx_sfX5XMVlKNrC3N5FaAW5yLgdLcGZjo2ZL3IfqB0KhrRsOHvo4CJyU01ROSEL1DDCAXmHGZ55vrWnIlCo-xX1b-TbuE4QA6I-vPyrvst9jMS47S-fyEeoCAWmPh1EWhgx6cRhLYy931ivcuRNpIW7mI48PAqmLSt4EbMdcZlsU2-iAyQKhknV1BiDk-DAtN12mkq4tr0dZ2z_XgqH3nFl4YVQNnA_LGRErJ_o41a8Vv6jWeu9hy2AYm2ItKgN-3imjqrwLp23zHcAiChIJwyQNMzC-ks--NVXTw2GUqmrRTXxYBNGe4liWJt0O03Vcy1tSjOxbN2Nw53cg0sIKQNCfTidR1ylOYEsastCQZ769PST7d2ACqVHXYFTNr6xg4fffP8Ub8p-oDLOiNHFBLTp6W9p-z1c3SbdA2lTaCCILcuIvjcZFL5VEFnxZimQKqdhgPgUXrL5NTKpbUw65Pc2ZFTaWDOtXWZ4geq4Sxtf-xeOWnoe1POlT7Cj2qiUD2BpoxLuZVkjYyzFTcgMg5ID0U8S7uWsgeWGG0G6c_bX97VIUdRfjxMkU3nfPub-BWQoAOOkC0vbP9BtoBntpzcDlj1jN9J11KVyrJcDvByCWSwiE_GewL3dv90tp9O0HANtLwqBsUR9wphkZ8knm6SokFkH2N632-DiFRCnRo828qC4YI19MCLPcCIM5iVM3uTURQHTRkfyLTEXxJZGS8F8OxvaWS9sZSpRsB_9y9p1rJFlqL8Tj_NVpj1h3Q&cid=CAASJeRokkZ-6sUOCUP0muhZEw6isSp9jdOf5mW-OyCTDKXhGezEnZU&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

d05c686300dcf0d753e7032ec0c1a39fd5a20575e8d8a9d2b38460d526da6d94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15291
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C661 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:26:12 GMT
etag: 48472445140208031
expires: Thu, 02 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame C661 35 B
464 B 31ms
8ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPxK2qz7b4DxKHRpLhFl5sY&google_cver=1&google_push=AYg5qPLwHrSoLpcaOQ7UDG7jAOtgHaa-1pV0PhG9IErTAwHImuWxAy_LWYCWhzOidjQL1ef4ink6tAPqU4bttHi6nszFpe9ZLbM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C661
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIiMCuT9Sr7Ht8B3Zu5CoGo9NNpJDsS1o1D5XcU7QHQ2czEfGAJq3hP_GRghWT-A5xPKsZHA_bFdBO3Y48X_bTTWvWpBsPZ&google_gid=CAESEBK8JEuG7G23b_Cl8dSA9Ys&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCK_m35QGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBJaU1DdVQ5U3I3SHQ4QjNadTVDb0dvOU5OcEpEc1MxbzFENVhjVTdRSFEyY3pFZkdBSnEzaFBfR1JnaFdULUE1eFBLc1pIQV9iRmRCTzNZND...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc3I1NFJvb09mcTZWSmtacWlyYnF4aXdGX2VseHRjcld4Qm5EbGRWRUlFSQ==&google_push

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc3I1NFJvb09mcTZWSmtacWlyYnF4aXdGX2VseHRjcld4Qm5EbGRWRUlFSQ==&google_push

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Jun 2022 23:15:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwc3I1NFJvb09mcTZWSmtacWlyYnF4aXdGX2VseHRjcld4Qm5EbGRWRUlFSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame C661 43 B
356 B 50ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENIQLVCjYm0k2dQmqcAIbIk&google_push=AYg5qPIEWnBzC0B2lD6LnYsNKq6u2LZYVzZaIAJgWDVhPLdWzoiaUd8afg4wn8DDhg68ADx8Ic8LumNRSQTTwii67_nOja-0tiA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame C661 43 B
351 B 58ms
23ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENh0ybrgsCIVRmWLvsHfEBc&google_cver=1&google_push=AYg5qPIStGoZD568sYna7Uw_DHZF893HwMFUM3AFVmsFCd0licpo-R1HaU0tb59kvXJ_utQ1qXIx-XNNGnhS70TTbxq4kV3Ov02a
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: g9kol6scoqiv70ndf2mq0cde5hqrcg88

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C661
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzOZgSecQ0yIg3QOoLssrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzOZgSecQ0yIg3QOoLssrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_6npxPQG5BuIhpvJGLJAHA6mG3u0LoPm7ic2Bp9wJVlijBoIelnCZHBCHszrBinfX3Xa0lmOuIiAsAS8o54mndqFyOHCd

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VzOZgSecQ0yIg3QOoLssrw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK_6npxPQG5BuIhpvJGLJAHA6mG3u0LoPm7ic2Bp9wJVlijBoIelnCZHBCHszrBinfX3Xa0lmOuIiAsAS8o54mndqFyOHCd
date: Wed, 01 Jun 2022 23:15:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C661
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUnHfQQ-sUjUtouSFzBVk8&google_cver=1&google_push=AYg5qPL8WkWpLUcP6t4WnZcSlIYi0IkwWjFIHUP_4rIktiSI8VTJSaRRizaFG52CONktqt-nyhv...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVDEtMjAtRjgzVA==&google_push=AYg5qPL8WkWpLUcP6t4WnZcSlIYi0IkwWjFIHUP_4rIktiSI8VTJSaRRizaFG52CONktqt-nyhvhyH5cw6HeE69IzfBEb4Gz5Ok

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVDEtMjAtRjgzVA==&google_push=AYg5qPL8WkWpLUcP6t4WnZcSlIYi0IkwWjFIHUP_4rIktiSI8VTJSaRRizaFG52CONktqt-nyhvhyH5cw6HeE69IzfBEb4Gz5Ok

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVDEtMjAtRjgzVA==&google_push=AYg5qPL8WkWpLUcP6t4WnZcSlIYi0IkwWjFIHUP_4rIktiSI8VTJSaRRizaFG52CONktqt-nyhvhyH5cw6HeE69IzfBEb4Gz5Ok
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C661
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_push=AYg5qPLLiZKM9tpR-LVoh3b-mUCfhQr4kLqq30Efm2l1UvHY60NNJGv1-T02BmoPuJezQqvk7dT8rQu-X1vBNPxMMi...

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_push=AYg5qPLLiZKM9tpR-LVoh3b-mUCfhQr4kLqq30Efm2l1UvHY60NNJGv1-T02BmoPuJezQqvk7dT8rQu-X1vBNPxMMiE1F9hSe9ku&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_cver=1

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 23:15:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_push=AYg5qPLLiZKM9tpR-LVoh3b-mUCfhQr4kLqq30Efm2l1UvHY60NNJGv1-T02BmoPuJezQqvk7dT8rQu-X1vBNPxMMiE1F9hSe9ku&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Wed, 01 Jun 2022 23:15:59 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C661 0
12 B 14ms
14ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJpzD2UNin1ORPH0qbOpS3oBODAwBg8Y22m4--jcgeGXxOEtL3qKMBzRh7-vHcMWomfkml

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/ Frame 4ED2 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&adk=3840153724&adf=3739818646&pi=t.aa~a.2138233492~rp.4&w=853&fwrn=4&fwrnh=100&lmt=1654125359&rafmt=1&to=qs&pwprc=6911098237&psa=1&format=853x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125359068&bpp=2&bdt=2303&idt=2&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280%2C0x0&nras=2&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=aYFxVC88sA&p=https%3A//powershelltutorial.net&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa7fdfa58b30ccdefdd8f99a40cd0c78aecb8e858b5256d07fec8eefa95518a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 21:18:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
server: cafe
etag: 3385757330471345920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 21:18:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4ED2 8 KB
714 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 21:28:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 23:15:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 23:15:59 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 4ED2 14 KB
3 KB 21ms
6ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:23:39 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 4ED2 351 KB
121 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35540
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123888
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 01 Jun 2023 13:23:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/ Frame 4ED2 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220531/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 22:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1825
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 22:45:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4ED2 0
0 14ms
14ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRclm-vLYlB8H7YX-Vr8tTECU-fhcxsgJrsOfT4JVjAecbOUq5jlC9vkl-3fihribukZScVcS7CJLej3M2eufNFE9jLXA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&adk=3840153724&adf=3739818646&pi=t.aa~a.2138233492~rp.4&w=853&fwrn=4&fwrnh=100&lmt=1654125359&rafmt=1&to=qs&pwprc=6911098237&psa=1&format=853x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125359068&bpp=2&bdt=2303&idt=2&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280%2C0x0&nras=2&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=aYFxVC88sA&p=https%3A//powershelltutorial.net&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 4ED2 0
54 B 37ms
36ms Ping
image/gif 2a00:1450:4007:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l3w7j3rw&c=5998657917004&slotId=2999328958502&qqid=CJu3xpOxjfgCFRnb7QodwcIIdA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4ED2 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 210775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 12:43:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4ED2 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 216492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4ED2 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CKjlhL_OXYtvjBpm2twfBhaOgB533jLVp59jaqdsPv-iivcABEAEg3bqLBWCV4pCCoAegAfGal5ooyAEFqQJS6pVSLOCxPqgDAcgDmwSqBLACT9CXh-PsWgX6zmwnOCC6f9Pq6O1Zxeb5SBq43Ad67Ne8N3pqIBGa8qhD7AHic0nnauOJWyCRybfiCvZTeu6s-ReO9WAYxTFMUmOxCRMHX0d6GRuY4rCH9M46qdGxgVsDP9PUzHGY-LI4biF8nhria7MGlxcAKtdnEOMmn19HHaQRQLQntQpOQbWrWrxM4XwPb80d2OwH4w_dNRma4OBBFAHWHZZUJg9BnBuxhNVBg9_kTS4zZVT6d0g9yY5geGF6iQ3s4Pl5NziiXcUPi6S08l5JKnCBpY2UEHrKa9UZVGP-Tmh10e3fEVVFN7l-o9si8wbJSWxAgOaUMp78RsKtqizOVjHszdQWkTLXTZzgdr5IZO1TSz10A_E4ZtKeqsv89iTXuTe6mw_xmmDCBUAo-MAE4cWLue8D4AQDkAYBoAZ2gAfx0uf5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbAT2vDhDsgT_4ri3wPQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1654125359333&ai=CKjlhL_OXYtvjBpm2twfBhaOgB533jLVp59jaqdsPv-iivcABEAEg3bqLBWCV4pCCoAegAfGal5ooyAEFqQJS6pVSLOCxPqgDAcgDmwSqBLACT9CXh-PsWgX6zmwnOCC6f9Pq6O1Zxeb5SBq43Ad67Ne8N3pqIBGa8qhD7AHic0nnauOJWyCRybfiCvZTeu6s-ReO9WAYxTFMUmOxCRMHX0d6GRuY4rCH9M46qdGxgVsDP9PUzHGY-LI4biF8nhria7MGlxcAKtdnEOMmn19HHaQRQLQntQpOQbWrWrxM4XwPb80d2OwH4w_dNRma4OBBFAHWHZZUJg9BnBuxhNVBg9_kTS4zZVT6d0g9yY5geGF6iQ3s4Pl5NziiXcUPi6S08l5JKnCBpY2UEHrKa9UZVGP-Tmh10e3fEVVFN7l-o9si8wbJSWxAgOaUMp78RsKtqizOVjHszdQWkTLXTZzgdr5IZO1TSz10A_E4ZtKeqsv89iTXuTe6mw_xmmDCBUAo-MAE4cWLue8D4AQDkAYBoAZ2gAfx0uf5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAcgLAeALAYAMAbAT2vDhDsgT_4ri3wPQEwDYEwqIFALYFAHQFQH4FgGAFwE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 4ED2 28 KB
15 KB 52ms
52ms XHR
text/xml 108.177.15.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DGFB6NKeRW8v_YHkSzX9rPzcVXKxthohXu0qfkdlFR_U9ogMmB1REtyFmq_I51RuOT20AzLmccaWlu6X3kI1HF4GmlEg&cry=1&dbm_d=AKAmf-A0g1C_fnDNe0Y0-Q1LhUr6TxU5xHyY2qrdaY-iJlyWyJbT0YPykNhRCRW7QkDl1wsTd5K3R7S-Sp2Aqm-vQhmFJFeuIqNotXF2bjX7ouQtEKsjVqcXjOIyaSGlHlqWa9-96lhp5Y_jmls6_jPF9XYg57loi0PyrvcU5jSqVIPRcOanj2j_D1Xdvhbq00RwBfDuV8H95SVFbgipkKt_3pU5BINCtwl7D30x0yWNlqJe7bsv8-_f-x5KEu0n21-y0h151qziqY4N0BBkdLGpQvf_FWEo60LzZlM9xFm0tt2BoznG10mypDYAc2e_56DxKzagUfdgnn2TJZcKvM9D7d-ufh6hF8c-yfmiFWP_i_3SUM8Vw_bGY_aBDehFEQujjgLEzLXuQgX4wLQH6it0ZoWXKFY8MI36OJzZXUZmefLfyRcd2xBh-45pvKRK9RzrLat4D8ExNWgAXh58RiIuRcjtB9aYOGPkE5XGjab-UjX-xyYuEJigbjbeYVckndnFi4Pzy7VF9PnkG91JuDRNu-girG4zH7LErc8hnm2PiQwemThPl0lYgEayoQaiOtHhtjzpnkUsuh_ZW2semFEHOc78gQ4jeh87tyiWF47nKfRv9sx_1yVrTRvVDQxgl7pazC4_ZtAM5zHto8lMTG1ZMpgXP5Fzfdgn1abXEWrim7QyoHX_AY0LVGVqT5RJQuPc8uSacNvQLU7RFMqY9Kkc-ENOrPQ_LPYhDnUH2o3AHKU1_SYe31fHKQzi8IljujGdWsjZDbGHSOvXPoq49RBGOA9KEDRUFLnpe0ndhNL5KzX8AXVBIPR5suN9paEnljplZxEhyM6KFjMgLJfhCH6Ni_Ov5kJYYhNYDekQCItUjD8NBTyaoZdnQrXti5gT-7roziRTSW-rMHMCbHct6kOo3S5AxwwMNZcOve3zMNEzHrycGFG6ZqlxaKHKEBIW2nD3V4BaKal2Ebs-sCoMkPOdF_I7kviqZ8NgnmCawHQy5KFYV-PCUMFmybJEBBuH84qNgMG-BcFx7qV4zlWU8wdj6p-ObTJdGNoSdua2Rugtj9tkgXZNPrC8ADA9nEiF5dqfs3TUEwNkLZNlAs9ZrH8Q4o4rXoJuJTiuhzW30zIEPQ2kMetjbd9i3GI8jcSaTIZNmOwAgnwTTaj_bgPssWMksQeS_EDF9cbULK77VgLmW2dpMNCp0iPUkBmUSWELl1JqD6xQhvENB6DZV_SwE91TItsPKteMHsNhgrj44YQdcfZg7x68HBrzy1DWYy2eDykE3qJ_rjejb29bGvl4SYwC6zvj8tx15_P8FXD40bFrbdpIgdDwVivPhPtHB3kHU5X_2TLriOnQA9qwm7x_MOJjB4R_QWLGQmlforwJU9tG2BbMaM0pbB973oEuyp2baOPqp601igVw87mz0f3a8jCOjeoQs33--qgdxJ0kJKKadyoRh0tOEDRXFGCYlOz685hybDACmt8djeeNI6FqiIA8KIbNrQ6xFwxl2T2_M51fir3gJHxUDKC6FcTp6Sa8PoWIt_T4C6RUly88OQAU0jGgLOYgqIuOmdeZ1sIa-VqNPyc-RX4F46YahJBguIJBH5fI0KK9ShO0HRaYNy48OA2kiEWYQWgPdrgxcmRR379PfNnl63XwkeMRmFdxHlpQXaJeRVRj7wkFDJFazY5BVAIDxjizV1vsjasH3cLDzKNbkPjGmZcJ1DAYDTCXIc0rZt1HuMhYmIo7UQ2wBfd5KQm2mRaoYoLI4YQ6zjHUdo39T2lq8w2plUtYwbHs2ARx2GIs01SDsjvSH7d0bviUP-cI6uWkmkDT9S6Esyj7KN-LGCGO9VXag4CgnlIzLu0UyXeHbNVSD0ijcFfW0BYCsxxVrj9stlIIm11RBMdrYH1cIJKJp7qXWwXHehzfAG9e0tkybunyaD7UXVWvegsIxyvZp9tylSzBdJmgXf4mCFrNc7ULFmwZzhUu5bowE52fKINrizxvHLRdrYPH-kquxAuweQp7PAodbmmC_ytL0lru03ocskuJYRCgTJTwEPht9Xqp5R2O7saRT6hiIRNWAMhbgcNYlLQRzWnlN8KWi8tML9hxMF0u1x6X0Zku6DjUjGqag2eXkJmJa_F_7pyab2CfLnaPYW7k75I3YU1eN8Lm9Acxd9x5_ninu-9ve-OEF6X6MPhSnPx5efXX4MRhG9k2trCBf6uaTD7wb0LzrtRGsCKKPs2Cn7dYSqnnSqvWyHHwMvb65EXI_eiQiJz3oaF0kEmIgT74HqvpdF3HkAMC_5tWHSrwmr0tO0TStGBXaMh8Pw-S2pWK9jxbQQWi1Isb1SiP-I7Rgo52jLxC6YU-1tMQGjanSyI7uBECEGQnxkGNchsxjtYWzWGldhBiNEmH8SPQ24MFtLBIi8Fbsxre-HvHHVvQlwiJKhg7XbpfofTaaBeVxwJO3ekxPR-1cVRSmCGdPbFLc_yE7TexeWoBTmKQ7tI7ly7ywZFes_xtvKUAwTr1x9IAAdLrw4QJY7BZ_vUa7QaGGLEV-TbVT5RXq2eF4X5O5zw3sMSLCpGyDYKeXM-iIc2u0cZPUd5hn17cWhCfbl9PvbZjARyvpCFJw1LwMj9lYZwiZ8KyfTdyDg40U-SH6fVwLLPFcHbvNQU49KbnTh0K4tePyqKLkzQV1QO1BwU1_qvv2QnyFYgcbbdvTKImdKKccgIz1kwXwrXZM1ki2lHvEhIOcnbRtOxOsCzaFm_vCUEB2P9czd0aDZW9wjmJZwMNgakB939KLOnoeIqMxK14DQ417Pe0Nm6QS8ykvzhRl3IWkBHT7wUsYA-njahn0v2c6efQt3PF_D9qfNrEanP12FTlDLB4ZDAd3NmPzyn7k0Ss8DsX_-rDY2yce5gMlNxBdBW6voM4KAPFw_1ESULY6YEN7wnCYHSi_SVVbZe9Z1kxBbmfevH0YLitXS0kbXnGKaZvmEDUgALPPIkkbM-C8taiPes-CwQkaCAPJR8MEjkImdR7Brrk5y0SYfiy8X5vF94Q7dB6xI9IffMOcBjKfkaDAINOV7B8J7fQpuSeUndYm92SKBjhJcaN2Jw4-m5hPkQEdVIuljxEYCOIJZR3mYXvrFzJoZGglxkWmdLjfu9ynQ7Vzj7mza2fAh2qBqoDVPj07hOk01JWHcQUTX8CpIDkQ6zSJpHAIZpAMvwynQcPF2He0s54VwY2_8J15ITAnFkC_skt1JdmUyhvR0c_4_oIjXUVuhBgJb6SloUjTBvSZ-mcsnfZDKIj8S0extVZpKjeKMobeqWs195D5cWsWMuYhsA6gPxHCjNm76Fifyvm9JkB3GRQQG7HsOXunqWtFurc2dJ0HxyQ1IDB-3s5qg&cid=CAASJeRowYhywHl0kvJeicNtcKNSQqdgIbDFo82E7GZQsbELpmRywFU&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.177.15.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wr-in-f155.1e100.net

Software

cafe /

Resource Hash

86f908ecf7a9fe074855cc62d7d8e9a6a18df1c97bc85c34fe4535662ee9eca0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15471
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4ED2 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C18Y9L_OXYtvjBpm2twfBhaOgB533jLVp59jaqdsPv-iivcABEAEg3bqLBWCV4pCCoAegAfGal5ooyAEFqQJS6pVSLOCxPqgDAaoErQJP0JeH4-xaBfrObCc4ILp_0-ro7VnF5vlIGrjcB3rs17w3emogEZryqEPsAeJzSedq44lbIJHJt-IK9lN67qz5F471YBjFMUxSY7EJEwdfR3oZG5jisIf0zjqp0bGBWwM_09TMcZj4sjhuIXyeGuJrswaXFwAq12cQ4yafX0cdpBFAtCe1Ck5BtatavEzhfA9vzR3Y7AfjD901GZrg4EEUAdYdllQmD0GcG7GE1UGD3-RNLjNlVPp3SD3JjmB4YXqJDezg-Xk3OKJdxQ-LpLTyXkkqcIGljZQQespr1RlUY_5OaHXR7d8RVUU3uX6j2yLzBpFI3iqIzHQADFD5BZE66-Pui-J3bjs6x_rmQfJqtOtuxEv0mtYNS6DXxLCyV00bCXxuhqy3F18Qv_6VwAThxYu57wPgBAOIBfjJkbE-kgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfx0uf5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKENehBRiJnZvHAdIICQiA4YAQEAEYH4AKAcgLAbAT2vDhDsgT_4ri3wPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItNzI0OTQ3Nzg4OTk1OTk1MhgA&sigh=rLRPUlXKiFg&uach_m=[UACH]&cid=CAQSPACNIrLMZxii07DzUGzpwqDRoO8HwjfS205Xp0ZGUoviYHAoizH5PtsHYrtyxx2MHI5011WuEqGcvOAI8A&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&adk=3840153724&adf=3739818646&pi=t.aa~a.2138233492~rp.4&w=853&fwrn=4&fwrnh=100&lmt=1654125359&rafmt=1&to=qs&pwprc=6911098237&psa=1&format=853x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125359068&bpp=2&bdt=2303&idt=2&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280%2C0x0&nras=2&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=aYFxVC88sA&p=https%3A//powershelltutorial.net&dtd=17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Jun 2022 23:15:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3098 1 KB
749 B 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:26:12 GMT
etag: 48472445140208031
expires: Thu, 02 Jun 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4ED2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aafff95e946e216e63d17c7f408703544f7d36881dda49464e09586b7b0d7341

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3098
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPxK2qz7b4DxKHRpLhFl5sY&google_cver=1&google_push=AYg5qPIpiKRp3-YexVQ6cJlBVwGazj4049Shk8rzU61hrhqETYNK2halvr...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIpiKRp3-YexVQ6cJlBVwGazj4049Shk8rzU61hrhqETYNK2halvrUVjqKoYkZTWj6PT6xACCpYSniZqMH_B4uSFFm8n2M&google_hm=cQDE9MNdT48Ho...

170 B
188 B

15ms
15ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIpiKRp3-YexVQ6cJlBVwGazj4049Shk8rzU61hrhqETYNK2halvrUVjqKoYkZTWj6PT6xACCpYSniZqMH_B4uSFFm8n2M&google_hm=cQDE9MNdT48HoUgUJJzcjA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIpiKRp3-YexVQ6cJlBVwGazj4049Shk8rzU61hrhqETYNK2halvrUVjqKoYkZTWj6PT6xACCpYSniZqMH_B4uSFFm8n2M&google_hm=cQDE9MNdT48HoUgUJJzcjA
pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3098
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKajU5NfjYGz91m81sYY2cddiAkReq52uBNhFf...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBmekx3QUFCRnZGRERmWA&google_push=AYg5qPKajU5NfjYGz91m81sYY2cddiAkReq52uBNhFfJ27xFgMZiZCUssRP0P7ewMgcZlCAb0bVjPVfzJi8pebRbu-mEkafAYOI

170 B
188 B

16ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBmekx3QUFCRnZGRERmWA&google_push=AYg5qPKajU5NfjYGz91m81sYY2cddiAkReq52uBNhFfJ27xFgMZiZCUssRP0P7ewMgcZlCAb0bVjPVfzJi8pebRbu-mEkafAYOI

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXBmekx3QUFCRnZGRERmWA&google_push=AYg5qPKajU5NfjYGz91m81sYY2cddiAkReq52uBNhFfJ27xFgMZiZCUssRP0P7ewMgcZlCAb0bVjPVfzJi8pebRbu-mEkafAYOI
Date: Wed, 01 Jun 2022 23:15:59 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 466606.gif
id.rlcdn.com/ Frame 3098 42 B
60 B 16ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKtqaTDstZMP0zKs_HWbDYMiwBRekQjfUfGnXwmdAMrEsf6_BS-3OKj4QIomJFiesS1ggZTX5RUwPTfL8zHJPmD4AkpeVM&google_gid=CAESEBK8JEuG7G23b_Cl8dSA9Ys&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&adk=3840153724&adf=3739818646&pi=t.aa~a.2138233492~rp.4&w=853&fwrn=4&fwrnh=100&lmt=1654125359&rafmt=1&to=qs&pwprc=6911098237&psa=1&format=853x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125359068&bpp=2&bdt=2303&idt=2&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280%2C0x0&nras=2&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=aYFxVC88sA&p=https%3A//powershelltutorial.net&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H3 200 dds
rtb.openx.net/sync/ Frame 3098 43 B
64 B 31ms
22ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESENh0ybrgsCIVRmWLvsHfEBc&google_cver=1&google_push=AYg5qPI1dJlM6Gf7SexjAzSSSR73GvyTXrwTGDKv-oxEaYC_BGJwXzE0Y_MRdhaFzZcHtDVg3oPgtAQ5apjwbiYCslWzU8oIvYs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7249477889959952&output=html&h=280&adk=3840153724&adf=3739818646&pi=t.aa~a.2138233492~rp.4&w=853&fwrn=4&fwrnh=100&lmt=1654125359&rafmt=1&to=qs&pwprc=6911098237&psa=1&format=853x280&url=https%3A%2F%2Fpowershelltutorial.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654125359068&bpp=2&bdt=2303&idt=2&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da735115aefce5fb9-227d5ad1a3cd0060%3AT%3D1654125358%3ART%3D1654125358%3AS%3DALNI_MZ9P465s6CJatu0TT0M9buZovEvAA&prev_fmts=320x50%2C420x280%2C420x280%2C0x0&nras=2&correlator=1472136115649&frm=20&pv=1&ga_vid=1068015053.1654125358&ga_sid=1654125358&ga_hid=994296361&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=281&ady=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531557%2C21066428%2C31067628%2C31067768%2C31060048&oid=2&psts=AGkb-H9c5xBcbXz5LixBYyRWY6pu6MIMRmTTcm731bezoaCGhHmwV-pLcAk4phEybjybrth5b-WSLIYIv_8C1uaB6Q%2CAGkb-H_bnU8oXCFC_5PC0hBIwm8rk7WkjhT0rISabT0RSi98YnMugg9ZWFUwhbJCkZho46S9JwGAsGMTZiq4Sz3WcQ&pvsid=1342139864712756&pem=808&tmod=1819196090&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=1&fsb=1&xpc=aYFxVC88sA&p=https%3A//powershelltutorial.net&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:58 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5efibnkrhlfp8dog524dngagaps7rka3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3098
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdcIFUHASoqCq_bj3Jxe2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdcIFUHASoqCq_bj3Jxe2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgrsGefwnyVHYf8GGSJfo8TdjMnk-amv1M6O9e8Bump5jqoctEMB1gzsoAwIg4FDdVaLkzpEtVqhS-KPRfarc8UZQVYHs

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=VdcIFUHASoqCq_bj3Jxe2w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIgrsGefwnyVHYf8GGSJfo8TdjMnk-amv1M6O9e8Bump5jqoctEMB1gzsoAwIg4FDdVaLkzpEtVqhS-KPRfarc8UZQVYHs
date: Wed, 01 Jun 2022 23:15:58 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3098
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDUnHfQQ-sUjUtouSFzBVk8&google_cver=1&google_push=AYg5qPIzBIFet6Dv6Mhvmncwpv3HQxuNO8eGfV9JY5jdeRxQRQTf60X0LvNP_OYkLx6wF4krY4j...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVEMtMVEtQTJWRQ==&google_push=AYg5qPIzBIFet6Dv6Mhvmncwpv3HQxuNO8eGfV9JY5jdeRxQRQTf60X0LvNP_OYkLx6wF4krY4jJTTWIHqj9-Xn3AqDLScFfvqs

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVEMtMVEtQTJWRQ==&google_push=AYg5qPIzBIFet6Dv6Mhvmncwpv3HQxuNO8eGfV9JY5jdeRxQRQTf60X0LvNP_OYkLx6wF4krY4jJTTWIHqj9-Xn3AqDLScFfvqs

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNXN0ozVEMtMVEtQTJWRQ==&google_push=AYg5qPIzBIFet6Dv6Mhvmncwpv3HQxuNO8eGfV9JY5jdeRxQRQTf60X0LvNP_OYkLx6wF4krY4jJTTWIHqj9-Xn3AqDLScFfvqs
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3098
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_cver=1&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_push=AYg5qPJBJsaSlX9pc4x9QqhvF1SoNNZBBE1os...

170 B
188 B

16ms
15ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_cver=1&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_push=AYg5qPJBJsaSlX9pc4x9QqhvF1SoNNZBBE1osupgA98cVbfendGhfSwnYDXaAskEq82KJtrZb9qGplUkMWeA6nvwkFCgv-vNcRk

Requested by

Host: powershelltutorial.net
URL: https://powershelltutorial.net/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Jun 2022 23:15:59 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YpfzLo7J7Du3QgK2tN7yrwAABHYAAAAB&google_cver=1&google_gid=CAESECAqrQiVqm9UK6SlhIVxOCw&google_push=AYg5qPJBJsaSlX9pc4x9QqhvF1SoNNZBBE1osupgA98cVbfendGhfSwnYDXaAskEq82KJtrZb9qGplUkMWeA6nvwkFCgv-vNcRk
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Wed, 01 Jun 2022 23:15:59 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3098 0
12 B 14ms
14ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQjj5DtfrF36TW1lMIvrw16Q2Bf2CpPjpopqe3IOrUbxw-eRzY29U66pbSQabtTUE0jO-j

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame D611 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:13:37 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D611
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

67ms
6ms

Fetch
video/mp4

2a00:1450:4001:19::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3FA77AB26DD3AD6521DD773E779CBEBBA7E2665D.5E2F61A1D5ADDD592C2271669D7A868F26EF4BFA/key/cms1/cms_redirect/yes/mh/Bn/mip/2001:ac8:20:3d00:1011:ffcc:1941:7332/mm/42/mn/sn-4g5ednds/ms/onc/mt/1654124922/mv/m/mvi/4/pl/49/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:19::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 23:15:59 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4094047
Last-Modified: Fri, 01 Apr 2022 12:44:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 01 Jun 2022 23:15:59 GMT

Redirect headers

date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3FA77AB26DD3AD6521DD773E779CBEBBA7E2665D.5E2F61A1D5ADDD592C2271669D7A868F26EF4BFA/key/cms1/cms_redirect/yes/mh/Bn/mip/2001:ac8:20:3d00:1011:ffcc:1941:7332/mm/42/mn/sn-4g5ednds/ms/onc/mt/1654124922/mv/m/mvi/4/pl/49/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame D28D 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 102194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 18:52:45 GMT
expires: Wed, 31 May 2023 18:52:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 4ED2 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 30 May 2022 11:13:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216142
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 May 2023 11:13:37 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

68ms
7ms

Fetch
video/mp4

2a00:1450:4001:19::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21FC00AA04AD003F7F2C69CE5E3EAA5FAD3E59EE.020FD47135A2C136BCDB1D9A3A4AF25598342F11/key/cms1/cms_redirect/yes/mh/Bn/mip/2001:ac8:20:3d00:1011:ffcc:1941:7332/mm/42/mn/sn-4g5ednds/ms/onc/mt/1654124922/mv/m/mvi/4/pl/49/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:19::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 01 Jun 2022 23:15:59 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4094047
Last-Modified: Fri, 01 Apr 2022 12:44:11 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 01 Jun 2022 23:15:59 GMT

Redirect headers

date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21FC00AA04AD003F7F2C69CE5E3EAA5FAD3E59EE.020FD47135A2C136BCDB1D9A3A4AF25598342F11/key/cms1/cms_redirect/yes/mh/Bn/mip/2001:ac8:20:3d00:1011:ffcc:1941:7332/mm/42/mn/sn-4g5ednds/ms/onc/mt/1654124922/mv/m/mvi/4/pl/49/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 36ms
22ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220526&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be923a7f9a5cce8fc60f3ad2f73846a7b0c6c4b0fcddc7b66dd1c5b88f9211f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 23:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10757
x-xss-protection: 0

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame D28D 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 16:01:15 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3A15 23 KB
9 KB 11ms
11ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 102194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 31 May 2022 18:52:45 GMT
expires: Wed, 31 May 2023 18:52:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 23:15:59 GMT

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A15 35 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 16:01:15 GMT

GET
H3 206 file.mp4
r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame D611 515 KB
0 16ms
7ms Media
video/mp4 2a00:1450:4001:19::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:19::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4094046/4094047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4094047
expires: Wed, 01 Jun 2022 23:15:59 GMT
last-modified: Fri, 01 Apr 2022 12:44:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 4ED2 603 KB
0 15ms
7ms Media
video/mp4 2a00:1450:4001:19::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5ednds.c.2mdn.net/videoplayback/id/820af5fca6f1a1cd/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1685661359/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21FC00AA04AD003F7F2C69CE5E3EAA5FAD3E59EE.020FD47135A2C136BCDB1D9A3A4AF25598342F11/key/cms1/cms_redirect/yes/mh/Bn/mip/2001:ac8:20:3d00:1011:ffcc:1941:7332/mm/42/mn/sn-4g5ednds/ms/onc/mt/1654124922/mv/m/mvi/4/pl/49/file/file.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:19::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4094046/4094047
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4094047
expires: Wed, 01 Jun 2022 23:15:59 GMT
last-modified: Fri, 01 Apr 2022 12:44:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBFC 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 22:58:57 GMT
expires: Thu, 01 Jun 2023 22:58:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3C20 783 B
534 B 18ms
18ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5bf72a9bf400d13adf966a81c8f5c689b2570187fa3dbd2e892d220b9d7ecc70

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yDOr6ByrO1vN0b8oNAmeCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://powershelltutorial.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-yDOr6ByrO1vN0b8oNAmeCg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 23:15:59 GMT
expires: Wed, 01 Jun 2022 23:15:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3C20 0
0 44ms
44ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220526&jk=1342139864712756&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js Show response
pagead2.googlesyndication.com/bg/ Frame FBFC 35 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QVskxRw7CvsogGZyHRgqudPcMMWoBc1HqTdFrXgdWFU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13800
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 16:01:15 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D28D 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B4-R9L_OXYpDEE4a2bea9pLAGAAAAADgB4AQC&bg=!gIOlg8fNAAao8wy8iPM7ACkAdvg8Wns-0K00iz3C0nqXqQ__pq0KWdKU37GwiIjWi4A7jrtjlcO-vgIAAACdUgAAAAFoAQeZAzCvzWBktV0pI3OHGpAQD7WZnX9AmSfRPRAAlB-todzX0Jf6XXs1Vx_-By3apUcsRLqnRtzBuOuBJVcmdgL0gPK6UckGNg_HoWji5q3mCtWAwwYqsOyyDltp1oHK5WNL_HlEA_7ohCA1vtIyLXeejWIMapBNNPPFSR_YHPdSZaCMDoyk_b5yL3GfSfEVa-c7VJPmGJMBIew_pnWMe6j2O82uv06aN9F62ABv0_jkVEt_Ur6YdG_l_4SHA2ZPLBD7rJ9QHKt29saBgYzRfkEzd20YYuNdE1p1iUq9opfGXBM5FdIpl6Ab1sNpYOcM7K8kGwr3ZHDg36yT9Yh4hW3dVH49BhoPAL3XNPgu-VZoR4HamPD3Z2cE2q0VHzNLmqVsBw0o2yTM7BrlY6AnlfN1BmpqJQLIXHpDQ3FXN-5pD7XzfPR0VBx2megBRzSodofjQUD20t4tXyh9r8b6rRbIZq5pHxP7cEaQ62DGUsrZZS1CSEWxL5OxS7i6sRCrTjbGrhHbIsea9q9CpX8YflPDYTKgPe3OjeIhTy3k7cO-Btzboen4-9ss7bSYCaOAwqznTbD2T5gwloY0M31eHZG1Wrbih-0T9mJH6HccrHrRIk_ajYtaQr1nNBZmcW-YTXfYedQhop5Q-kjFze9X1MeG2suM4GVw2WjEj7NLyeqz95Meerun1qKNMaEsEUyT-Syh3lTTbV5qibFgBT7xBp7gBrVr1ZionCW1i1eUO2WxgyoSNeY846kYlNzXGTu58ZGIn9eTp4UxcBnitE7DrAtIWVHsWXo0edibC7yPtYSEcRPPHFjJuJFULI6OnSMl8GX2Vqa2YMsp_RU-3qMGGa9Ejd8Ag4velSt4jkwpUtOtbORj4nxOZHlYUR0KgQ8QH3y9jjUoABXVLGQ-etPfhxpotvWTObaooRjoegATEtDNBjRIvoA1H9EThJng77nGypwZNegoMiyVgleNuBKdl-GqZsj3fOufdOwxs47zzL9FNvUUER7rDYETQk-nx3cqOjdxhYfHR8PfZwTTjutuaIq7r8zCjoJQxfpR8hV9iqPNr_S2soMGoDvIU7p9RYgJGSqVZsg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A15 0
20 B 51ms
51ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BMxXKL_OXYu3tFdnfnsEP9p25eAAAAAA4AeAEAg&bg=!x8SlxIDNAAao8wy8iPM7ACkAdvg8WmNKnqldCwEOzwFruLW3E8IFUTrTKawP4Yoj35cn6CJO3-57hQIAAACeUgAAAAJoAQeZAxCILDOdahejGthGvT6Xz3GSM33BF99IftD6T6ja6AVkp3duhpYlWOTzQxWJs_cbUNIWKBEdgnHVfoy7RreueT4jDuimM8tdvCXZr-jTOsPsZpB65yi9rZzcyaZf2CHjc3bV2aOuBb509cH2BFc-xqwI8WONepYpl-2a9i4cuZWBjN9SVw0ZVIs9mLVSiTdByVFPmgTZIzOfePqT1YlP6Hlu9s7CthQPRKyx2UEJoHD1m841V4J2kV2epD7i4OaYpMKqC5S9H2odw0UNQOMKsmI4EmIecm__3Eai6hbZmXHQ19ZL73_WljANqAJ8w-kp806Nm_CTiu4vZ9JiOTZ7_ePNFh6kaFTwQxy7gPWpSid3kMKWjW2iWvVlxs1D9cU8gePKRxTTEncoNC0XSgtmSuhFOVciHDkR34OBlaaQYYCyQDRSdkPIx2K5pmdUqhXxWjjqqVHae1Be0p3FjyP70vSgEjhBqddqCSJz6-w1mAjtv2yK00EN4s09cELz9pw4em9LOEffOT3sHUxqioJ6NH-JxKDTIrGK6WuD87ngcuKqRXU1NbvLosaHKj69MXDRDXiSrA76dnMMn2lklnfR1FL-_Lv3DRJlyDP7_55p9o3-EUQhRy9GJb345_Wegxjp1v2hbgEpYYUbPmPWw8CHSJ6oMFhP3tL3BwbMlHNRGP6o4WiHJbbTWz9LB-H84pN59H6Hu0A6riYMX6Gj9xEm9WPaePvZwbG04YF-pxhGonZFJreqbRtaI5eUXZ0QC6XNuGbtfy_CDfm-GjWlnh270OCEu7LoYtN73-mxf_ywGn2cLCZ2WZBwJkYpmem0UUzBfQYc7RC8_evBW5uJtZaTjWwk6H7Cb_HgYLkwIYCcbB0eHP0FCTmueD_2hAc_7TpLG2p2fXH-AX5DuKKRPURK1ZkcwrXR2opQuD0JeDR5lzlAn8SJmddK0Ab6asDGG3X5e1SHDRogGHzKgLRXiYRjMVW8JNJWj7fyxpDp3_d0Dqp1Txe30k--nrFzLUdUEeCFwSwJZFla1UVA1fHHGP29CmEk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0AD1 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQlxakP1m372XT03DuVDqCsk94E4QIZGs9gS_okVlgPqcCu5pDxrz8uITBm6rLbR9F2EqDe0y31m9MxGc7EaM9pJuGs7vEmHiXPthgNFfbNOOj418KPt8jK7f1&sai=AMfl-YTw_f36ZuzmKajz9VprzWthLnfHQnfzX8wl040hdd167ObvUnlzLZKC0NvtS8gGAydp5KACJSokFTs5&sig=Cg0ArKJSzI6gRVXsKVwLEAE&cid=CAASBORoIFM&id=lidar2&mcvt=1005&p=0,0,280,420&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1865869767&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654125358255&rpt=388&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FBFC 0
9 B 20ms
20ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lo7HyQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 23:15:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6446 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssobAGDmDCQY4U5fh-vD62p01_Jx6vl26lTGwKsHl1jDjk0ZOZy5naXsvUucuJrfEZL5UDworKD-KXiFpxL8nbQbcMmpDdUjyRZK9yNri1cFeHnW1ATbWpKRutu&sai=AMfl-YSdZOyJ7_WDURoreRS92EXDdcR1_t22pcURry2TiP_Os_7NZBZtww-of-c1UKiz8oGnocOeCHpE8JIb&sig=Cg0ArKJSzIzV6TCnRNiuEAE&cid=CAASBORonL0&id=lidar2&mcvt=1000&p=0,0,280,420&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220601&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1865869767&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654125358249&rpt=516&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:15:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 48ms
47ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220526&jk=1342139864712756&bg=!gYKlgsbNAAao8wy8iPM7ACkAdvg8WpR9j0zR-Ee_Umd41LMu7tmFLS1mXicwOTAtWcl_FJrL9oaiswIAAABQUgAAAAJoAQcKAM6IpsetE4-YBpVVjWzMXXHgN-CH3QiiSRMEyq1RtPA0YDhvUdXdhw2jLrgvFJp1_rcmOA4oYSms4ewkbRwWFrs1a9d0XTPR38EFNj2iPY6hdnIZ-NSn78ZIKlg_3k2bL4H6zonCXFA-2uebG3iSzoYyPGj61Qiy-n7XM0PQ8rN98H11L7q_G7ob5df3puSzD1DkITJvO6qgt55YllokbPEXRUj7DeqcV4STNX3nMjJ5_Gf7D5OS94Oq6F2Gk54y-4r3BDwFUkjuPkmuo7v2SpkCuMT-5us9ErGMx0UH32w7JUKDOeQODMH9Ro5GgqdTf2etB_UGRGsUY6CFnn30GaxlmEqll6ifqeMFIX8W-ypSWdNhl9OdX-DBelvQpoyQjcvQyNVbxCGMl7pSdaCVDajfkbrC5mSumrMzv86At4ussKKdBGPf6ErJNTiEDLbmBnjYRBGn3ku9GZjJUNZRTmhUnppyj3BHX1FXRWiJXtrgAE6V-vSPtDeF-c3S_Zf33i6RrNcx2tVny8VEVFyF83TbDnWTLl0nRQrzRhHNxH5MdyM7F3pPHSi6N6YJgbPjMb1ajSLlC5O8nHKQVGiihfpovMmVupkESJToDWbkp2qaBpUqOesy8p6y1ydPLl0_WD0fOtIoCnEN9Bo7TnR6TNFfUiWGZBuo_2N8HrRLWwOhA65n-_lsAEj62Tn1_MRgqyN_albc9uyWLFPI2JfDYg8B2Ux-poMaPrsBBEBwgKUZ3pH5P06J3xOt0PtrGRoyeV-s25BHjfhM7c4YFN7XsD5sN4GqyZEVX-Znelea2lJZsyid8LoS5f0iucdMoH4D6S0QPHk09OAn9BsV-GbzYj8Fk0GOUKmruoaG82pOoE36NSGJ4x8Z4ADVeVpexfOe1H1gcAIPd4nRCVaeYTniF7etiY8dSlt9Hhmgm314KZ-YmHPDyRZryDO7HBO1OHhsAcs3RNao9YlzQi2r3pLjoexAmqt6U_fu4fhz9ET0sFpqNsnkJOXdxrNP_IM-wtPjIpNj7o62E_GSXg2g9jIWDhGoOu4nSVM2BhkjL0hAh0-vLU1VICL2kBk19LeS2iDg-PDT1xxXaHwcffq7STMOQXn_Tl1VMU37yfihpRKe8e4x4eSRb060y0y0C8k8cCjvoICLY0vdEwQgLhe5Pzt9hh2k2Ye1yJBC_hHkJ57lSoGZbrj2GxC7r6NEmQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://powershelltutorial.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame D611 0
17 B 80ms
38ms Ping
image/gif 2a00:1450:4007:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l3w7j3pj&c=3169641559927&slotId=1584820779963.5&qqid=CKTzt5OxjfgCFZ_HuwgdK-kHKg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=893&mt=video%2Fmp4&vs=640x248&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:16:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 4ED2 0
17 B 37ms
37ms Ping
image/gif 2a00:1450:4007:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l3w7j3s5&c=5998657917004&slotId=2999328958502&qqid=CJu3xpOxjfgCFRnb7QodwcIIdA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=893&mt=video%2Fmp4&vs=640x248&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4007:812::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 23:16:00 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.powershelltutorial.net/	1970-01-20 12:50:21	Name: __gads Value: ID=a735115aefce5fb9-227d5ad1a3cd0060:T=1654125358:RT=1654125358:S=ALNI_MZ9P465s6CJatu0TT0M9buZovEvAA
.doubleclick.net/	1970-01-20 12:50:21	Name: IDE Value: AHWqTUmI7AvgnZN1oOSPbXqFTmu6fxJaTHmLDRpRpHXVjdxC9GhcBJq1DHmL87Lq7cI
.adnxs.com/	1970-01-20 05:38:21	Name: uuid2 Value: 1585958120947776419
.adnxs.com/	1970-01-20 05:38:21	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?dgq6pn!]tbPl1M>e)ZlrFUfJ+tGXxpCC[!(jF@sJV9$)<-[[lz:Xe5UaaTimuW^8j3If)y3KL9D3I?+Xb/y]
.casalemedia.com/	1970-01-20 05:38:21	Name: CMPS Value: 5223
.casalemedia.com/	1970-01-20 12:14:21	Name: CMID Value: YpfzLo7J7Du3QgK2tN7yrwAA
.casalemedia.com/	1970-01-20 05:38:21	Name: CMPRO Value: 1142
.casalemedia.com/	1970-01-20 12:14:21	Name: CMRUM3 Value: 2d6297f32e2760CAESENgBbwW9PgPM_13ss5f4Doc
.powershelltutorial.net/	1969-12-31 23:59:59	Name: __utmc Value: 149908535
.powershelltutorial.net/	1970-01-20 07:51:33	Name: __utmz Value: 149908535.1654125359.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.powershelltutorial.net/	1970-01-20 03:28:45	Name: __utmt Value: 1
.powershelltutorial.net/	1970-01-20 20:59:57	Name: __utma Value: 149908535.1068015053.1654125358.1654125358.1654125358.1
.powershelltutorial.net/	1970-01-20 03:28:47	Name: __utmb Value: 149908535.1.10.1654125359
.quantserve.com/	1970-01-20 05:38:21	Name: d Value: EB0BCQGjJoEA
.quantserve.com/	1970-01-20 12:58:59	Name: mc Value: 6297f32f-474f4-49308-8f3d2
.rlcdn.com/	1970-01-20 12:14:21	Name: rlas3 Value: XzVRR2BWoTU/cDh3LUyOQwfrZEtILRZWypvZuPEyjtU=
.casalemedia.com/	1970-01-20 03:30:11	Name: CMST Value: YpfzLmKX8y8A
.rlcdn.com/	1970-01-20 04:55:09	Name: pxrc Value: CK/m35QGEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 03:30:11	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:38:21	Name: KADUSERCOOKIE Value: 55D70815-41C0-4A8A-82AB-F6E3DC9C5EDB

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
powershelltutorial.net
r4---sn-4g5ednds.c.2mdn.net
rtb.openx.net
s0.2mdn.net
ssl.google-analytics.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
use.fontawesome.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
104.102.29.65
104.89.28.165
108.128.215.255
108.177.15.155
142.250.186.130
142.250.186.162
185.64.190.78
2606:4700:3033::ac43:adc9
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:19::9
2a00:1450:4001:803::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2003
2a00:1450:4007:812::2003
2a00:1450:400c:c07::9b
2a06:98c1:3121::3
34.98.67.61
35.227.252.103
35.244.159.8
35.244.174.68
37.252.173.22
69.173.144.139
02d6658b8d9739e05913d25ba6fb2769c24fa0cca68c4fd1ecccf2e769ed59a3
030d724f8976851e0d93229fe0a941d7946f47aaddc36ec8b04c4f5eb4e3cacc
087e39a2d9e83d5341b3fbf8e7add03a6cffde9ae84dee680535c196ce2b1072
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e1f4ca40cd6f3919d52a2a1b5e9b29b37adfb59a722faacc8e04047c3f22554
1f371b34a756788194627c940ec0f2d883ead7fc03f75ca609e15b4e886a1190
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
24dcae4f742c60177278ac4a0709c624026200259ca30d938e136bb881453cc4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2c79c136450a03e071ef8902bc6e53f2b45cd0078bcdfc151e75dd262705a588
2c986bc4fd9ff95bb30e427ee7238b2d515dc08d38874d1522b278bd7812a1a2
3085aac649fa0d732e9fd1e54e0ce46f115238e1c115a7f7ce9de4bc416ab551
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3323a115aa882d119d3be8154735c3d130d7e2d6715401571f1a7e844ce11545
337f6a5456fca744a0de5d36eaba1bf047b9603d2b514929da73d39d0f9739c7
378533748874b10615066a7b8d3574a0bf490dfd451babfd1e743861d4c964e3
3c2b31ee53b21a1c869b3b0ee4c197873c15e94a4d4e535fd69e95eb0d82a694
3d48b2a315acdb6d4f48a795f3c064c8106246bcdb425d4f27d738f6a245a987
415b24c51c3b0afb288066721d182ab9d3dc30c5a805cd47a93745ad781d5855
43331fd5b8aafda7bd6f687b64b6a6078e481ff97dcdba174ad9c348ea9fbc3b
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4912e55ddf4b962580e28f4b50461c1310d98f68ecda8c6598911185564e4125
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e40cd2f9b3804c4c981db3e8a482687e3a455d780e7b305a5c598809920bcab
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53fc2056d4ff9a9d5f452f716697f90a4afb09384fb999a327a71c04062e8e43
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570b4c96a33fc8d7db6e7cc80af35b14ce763e6d3016ba03bd0bba3d487e107a
5bf72a9bf400d13adf966a81c8f5c689b2570187fa3dbd2e892d220b9d7ecc70
604dcf1f11698655f75046bb92f98aaa9477e1c16b01c5fc415e78794393ffb9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67d10aea8992d9283c084bae0f10a2faba5a1126a2148a0012de871b1f4654da
686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d
6b3f0a6d6a59d8015a0f304089d399067747d2618e48cce61474983bf0e76f7d
6ef43538ed462a24508667aac5cb10fdea5cb3cd7f599db5dbd4efbbf967d181
75782eed76b2c74403b9ef1a9c9f02bf5d868730365942b745755fc1dfa2b362
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a88c732ccd26f96f6d93945118cb01afe8b13d0ddc3d274a8eb500e78657b6e
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
86f908ecf7a9fe074855cc62d7d8e9a6a18df1c97bc85c34fe4535662ee9eca0
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad203ae3d4ff2bd663dbf2a1ec71916d4a19c63eddcaea7c738c06eba159578
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adcbce27a94f1a18dbded1b0024b427af2f13ae66d9390dacae83017cd3e460
9be923a7f9a5cce8fc60f3ad2f73846a7b0c6c4b0fcddc7b66dd1c5b88f9211f
9f4ac9334edcf5f7c599caaeac0f43e8c46324eb8a37436fd65f1fbd519c140b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05504d6a8d2d02891d360f6d0e54cf1332513382102951f2a1080fac0f948e3
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9f01d5bd205a636623a907951acc43edaedb0113d21d9876be7157014e284b2
aa7fdfa58b30ccdefdd8f99a40cd0c78aecb8e858b5256d07fec8eefa95518a6
aafff95e946e216e63d17c7f408703544f7d36881dda49464e09586b7b0d7341
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
b9d9b988af19b056f61b0e5d1109acf50936f85cbd450985f803eee206563aed
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c5b4f5c17aecbca4f455d898a1ea9df67ed92d89f6c7db2b60b5395bc28eaba2
ca3ea16761b7d443c64cfd99dd1cf8aa84790a25bb4709582935956fe71d014d
ca6cf99de3dfc96ba5d43a10fc8ab57a75119cdd0252512cbd464d3f10476c19
cb0ac836ac4cfbeff718f9ef001def36f87377698a2cdf5bb241b54e6e7f1aa4
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
d05c686300dcf0d753e7032ec0c1a39fd5a20575e8d8a9d2b38460d526da6d94
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3bebabe54b334e816823bd5dae6a446a9b469cc95a1bde67fe393e2b8ea12bc
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e80a28e260de3fa02ff629d2ae4a84c50a5e159f40807ca8c61b108cb2899880
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fad84131cb4accb04cb2f709e6047b2fe2862e7a0d62df7ca2e053d2a4e5d034

powershelltutorial.net Open in urlscan Pro 2606:4700:3033::ac43:adc9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

89 %HTTPS

62 %IPv6

22 Domains

36 Subdomains

30 IPs

6 Countries

4180 kBTransfer

8004 kBSize

20 Cookies

58 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

powershelltutorial.net Open in urlscan Pro
2606:4700:3033::ac43:adc9 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

89 %
HTTPS

62 %
IPv6

22
Domains

36
Subdomains

30
IPs

6
Countries

4180 kB
Transfer

8004 kB
Size

20
Cookies

167 HTTP transactions
5 data transactions