krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.app.dd58261f4c2eb9476784nalytics.vixan.de/
Effective URL:
https://krank.de/produktcheck/vixan/
Submission: On December 19 via automatic, source certstream-suspicious (December 19th 2023, 5:03:57 pm UTC) — Scanned from DE

Summary HTTP 157 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 39 IPs in 8 countries across 25 domains to perform 157 HTTP transactions. The main IP is 35.204.103.237, located in Groningen, Netherlands and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is krank.de.
TLS certificate: Issued by R3 on December 5th 2023. Valid for: 3 months.

This is the only time krank.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	62.116.173.69 62.116.173.69	15456 (INTERNETX-AS) (INTERNETX-AS)
12	35.204.103.237 35.204.103.237	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
14	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
17	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
4	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
1 5	176.9.26.250 176.9.26.250	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:401... 2a00:1450:4013:c05::5e	15169 (GOOGLE) (GOOGLE)
1	74.125.133.154 74.125.133.154	15169 (GOOGLE) (GOOGLE)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	18.132.158.37 18.132.158.37	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	92.123.148.9 92.123.148.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:1a::8	15169 (GOOGLE) (GOOGLE)
1	52.222.139.14 52.222.139.14	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.87 18.239.50.87	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	3.9.60.26 3.9.60.26	16509 (AMAZON-02) (AMAZON-02)
157	39

1 62.116.173.69 (Germany) 1 redirects

ASN15456 (INTERNETX-AS, DE)
PTR: lb-2.avenso.net

login.app.dd58261f4c2eb9476784nalytics.vixan.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.204.103.237 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: word1.hyro.ag

krank.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.123 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.116 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 176.9.26.250 (Berlin, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de

hal900014.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4013:c05::5e (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.158.37 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-158-37.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.148.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-9.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:1a::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-5hne6n6l.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-14.ams50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-87.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.60.26 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	526 KB
28	doubleclick.net 7 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	124 KB
12	krank.de krank.de	710 KB
10	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3986	35 KB
9	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal900014.redintelligence.net — Cisco Umbrella Rank: 199926	81 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
8	ad4m.at ad4m.at — Cisco Umbrella Rank: 11359 as.ad4m.at — Cisco Umbrella Rank: 25796 assets.ad4m.at — Cisco Umbrella Rank: 35458	56 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 cse.google.com — Cisco Umbrella Rank: 3119 adservice.google.com — Cisco Umbrella Rank: 93	121 KB
6	gstatic.com csi.gstatic.com fonts.gstatic.com	30 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1230 syndication.twitter.com — Cisco Umbrella Rank: 1549	148 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	137 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	326 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395 api.webgains.io — Cisco Umbrella Rank: 59842	19 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1193 r3---sn-5hne6n6l.c.2mdn.net — Cisco Umbrella Rank: 290325	949 B
3	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 47317 medialead.de — Cisco Umbrella Rank: 46843	851 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	129 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	88 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	420 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	703 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	vixan.de 1 redirects login.app.dd58261f4c2eb9476784nalytics.vixan.de	154 B
157	25

	Domain	Requested by
27	pagead2.googlesyndication.com	krank.de pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
17	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net krank.de tpc.googlesyndication.com imasdk.googleapis.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com krank.de
12	krank.de	krank.de
10	static.addtoany.com	krank.de static.addtoany.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	hal900014.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900014.redintelligence.net
5	ad4m.at	krank.de googleads.g.doubleclick.net ad4m.at
5	www.google.com	1 redirects www.google.com tpc.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900014.redintelligence.net
4	platform.twitter.com	static.addtoany.com platform.twitter.com
4	www.googletagmanager.com	krank.de www.google-analytics.com adv.office-partner.de www.googletagmanager.com
3	fonts.googleapis.com	googleads.g.doubleclick.net hal900014.redintelligence.net
2	api.webgains.io	analytics.webgains.io
2	fonts.gstatic.com	fonts.googleapis.com
2	as.ad4m.at	ad4m.at as.ad4m.at
2	r3---sn-5hne6n6l.c.2mdn.net
2	5994599.fls.doubleclick.net	1 redirects krank.de
2	pv.medialead.de	hal900014.redintelligence.net googleads.g.doubleclick.net
2	ad.doubleclick.net	googleads.g.doubleclick.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	www.googletagservices.com	krank.de
2	www.facebook.com	connect.facebook.net
2	syndication.twitter.com	platform.twitter.com krank.de
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	static.addtoany.com connect.facebook.net
2	www.google-analytics.com	krank.de www.google-analytics.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	assets.ad4m.at	as.ad4m.at
1	gcdn.2mdn.net	1 redirects
1	www.awin1.com	googleads.g.doubleclick.net
1	medialead.de	1 redirects
1	track.webgains.com	krank.de
1	adv.office-partner.de	hal900014.redintelligence.net
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cse.google.com	krank.de
1	login.app.dd58261f4c2eb9476784nalytics.vixan.de	1 redirects
157	43

This site contains links to these domains. Also see Links.

Domain
www.vixan.de
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
www.addtoany.com

Subject Issuer	Validity	Valid
krank.de R3	`2023-12-05` - `2024-03-04`	3 months	crt.sh
static.addtoany.com E1	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-27` - `2023-12-26`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
syndication.twitter.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-12-05` - `2024-02-13`	2 months	crt.sh

This page contains 32 frames:

Primary Page: https://krank.de/produktcheck/vixan/
Frame ID: 112E40BA65C24A0F78969B30ECED5521
Requests: 43 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: EEC7610D3E7D17ECD9B6D9B695E3D4F6
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de
Frame ID: 313685E5F1F01A84E2D0DF7219845487
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: D64630F0B58D34898760B2117067A88A
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 1A1CE0E05AF911824B213D6F736FE7BA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1703005432&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005432615&bpp=2&bdt=371&idt=185&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4542955141207&frm=20&pv=2&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=202
Frame ID: 13A1D43D7580B9470ADC146913C03AAB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c4a7f78d2f21%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff197d51fb57f24c%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: 13383595DFE2E5C3DCCFE44245D7583F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=1573539209&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=2&bdt=953&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=14
Frame ID: 48E953874C0CF28B3583B14548095AA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=2557662899&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=1&bdt=952&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
Frame ID: 33F5EB7E6DE651C1530765CC86BEC9BF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=1037788077&pi=t.aa~a.3479421391~i.16~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=1&bdt=952&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=50
Frame ID: 51BE39F67819A2FCA9A2A2D2FCD5E6D9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=3195024897&pi=t.aa~a.1793448234~i.28~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=1&bdt=953&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=5&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=53
Frame ID: A13BF334C2F86841505D6C9CB55275B6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f49cbc3677b8%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff197d51fb57f24c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90
Frame ID: C6DC64E839EA0A8C3F6A7632CD846552
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 3F9FD4A6E442A5B28FA75142063F9278
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 04BDCCEFE4D2DE27A6E8DB0FA90F3383
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 85011967629BCD16C6CCCBB1B8E05603
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWmRj8dY3mLDB-ogKp_qEzwXTHaLrpPdSnrxXboRrnuHIapMIwVmd9lf7Bq_B7tuse9YkbjpKTD5_6RjR0VvXLT9prcZK3wvG2Zcvqnqk4J2BxoGWyrrD7SfgFojYos-E_QqkQ4uAPSbfnpgSHgO14AwKZpnJj6cpJGyh5raOoICCgHWYk
Frame ID: 69F8EFD0F9383A1F7BD414479C338F8C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: CB52E360362A9262A118CE4609B3BB56
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGN_xlIABMAE&v=APEucNXjuoyr8GN73pznpoP1d7j4LFYzxZDlE-zRSMVXTt9Almrz75H0JEE1NrmA5kBv_04O01ChhCl9y690lnWYzL09wd-A8zL1q5Rzb4XsQ7hubtOE3FPQKPsXUD_i4bngw8rWZuT5a1tJXl0dDOs5ON-CPF-RzWwvM_vGPER7bcOT4L7zPvs
Frame ID: 3978BBBEE9BAB5FF4C3ACC2D7476DB06
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 0AE8DFCF890967458EB9D4D7C5CE93E8
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4A629F28FC61EC5A02B8A9E7AF2B45B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A170FE77526ED18B44F465FEC43552B0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Frame ID: 5C1A3FA6BB7C06BE32A0527D73501BBA
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 23CA2571641290B01C262ACBD826BEA9
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=4003555302&pi=t.aa~a.3479421391~i.34~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433201&bpp=1&bdt=957&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D280d198f35ef14ab%3AT%3D1703005433%3ART%3D1703005433%3AS%3DALNI_MZkZmmDfd0IpYA5gsHEYaQonRfc3Q&gpic=UID%3D00000d21bb029fba%3AT%3D1703005433%3ART%3D1703005433%3AS%3DALNI_MaVuM8Nv7UaMLTXiYV1bYztsc-SDA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1140x280%2C1600x1200%2C160x600%2C728x90&nras=9&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3999&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=7&fsb=1&dtd=451
Frame ID: 224BE340E05DC8C7653866CB279E2883
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/cookie-frame.html
Frame ID: 566F824BA6EADEB86C766CEB0B25E6F0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7ABF98AEC0FE37EA120FDC002B969223
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F1410FB3EFE308EFF0D6E59A7215FAFB
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: FB0726199CB300C9FE0A87CB720246D7
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245
Frame ID: 3F2D8E5F3A4965F0CE69E47526E88D44
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
Frame ID: D0295EE914E7F09C0644754E9B9790B4
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=164572&b=WKqarfbWr5a51GrSYH1tpHxt7eqSPTETr8C2&f=54xUXfP28eHG9RzSpHPtPHkCRXptETVT28t1&c=728&d=90&e=&g=78aa344fc5d6d03eae7e90c853f32abb%2F5451971727055566093&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1703005433896&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQ8OK-MyBZf_1M9KL7_UPzpufsAuw7MyzdI6ojczADPAuEAEg4v30BWCV4pCCoAegAdyokOUCyAEJqQIAiAy9cFWyPqgDAcgDmwSqBJQCT9B3-cGq3oIqKqHqw3UGw8pdZMqYoVo3qfCbCAg44hY6nseMvsizzan94Yi4qOieQpFpuEomdzindC-I8NiwSdnZNMNrtUtv5ERfQj-hG2PTy2JQmjr6YwN5YfS1dMy89whxLdm6n6vKFaKGWt4PKzkIB4qaQbgvtxUMcO4Fa_YrKqwAFnPG3ZhXvz-23tS--eaU2r7YMelp6BOzeVp8Y9qxTcYpwamRFKDzkRM1snQcaEDApPT9UGoWESMBivSQV2ulis9rMu69u_7iM34RcNrmX2Nb08dHSYZhpmzwR5pfBhNKyPmm4NhRVopLZIV6wDbVsOXTfkicZ2ghT5Ob4eFjX0aJJEZweQKP9-KD3SAfFF6GwATq_pn2pgLgBAOIBeL9pNgHkAYBoAZNgAeM1--aAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATo8D3FNATANgTCtgUAdAVAfgWAYAXAegXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%2526sig%253DAOD64_0xArGKeKVQsNhKAQSCMua3m934ew%2526client%253Dca-pub-7176323234405639%2526dbm_c%253DAKAmf-DHRc1nLq8CLJvDabKHfcq86gTNphH-jh_SUtoC2Or5nVdmRqsByAkCBnsd49HEFzlXYlRL6l553OpKvNiPar0kc9NbnDnc89LyRmf7plwEmUwl2O7-s1qpS7tkHpC4AkRVuI-g3ObG5CMPig9Nrqytfwasvj6U9CgYYY46KIR3RGX7xQM%2526cry%253D1%2526dbm_d%253DAKAmf-AciAz0mTrjMRtbN9MxWjbJdp0Yu_VPFJxjAEA3OOtKv49Vy04hGJSjYLwUQs_OyD9tc5PZFFgkn7TFiT13VaQfaAl1L7Qetg6pLMLs2qHwonuwobFhfTvW_J7PhKFm9fqi9VRsWoR_jQI1j-_QEExwadzTM4ZcVi6CrIXZA7Gj-4LgkQu6XJaflyXXBOsDteOqa8h5ekpn7DJfNNYgz-p7Eb38PBHSX8dgAAEvXxUcSpBABuaCweLpMbt5Vfiibi7ckgBdEG265aDLccS4-eKb3bSRKsYyrbYwXyH70OSazMkY0b0ZjGfC4Y6RbSuEUODh7Fpx9YZ9wTA_kfI8w-h-OpgonXox3G1zSLLmGmCX-9oWTqoKI0dfQ5wuTaOkC-bGqm3VG5G56iA5ZjSEKdJWaBP9GAIkqrr3f1osES3f5_qf5VrLse18BuAcFnEQCshcKG871i_k-fEC_vX7F-gnfCkhKyOgHr4dBvgsOSJsztwLF7MAb53Zbg6clq1HuCpxJDGeIWSHckfzyfdYVOk_WFtKu0gWmp_8znggk4UpFBDCOTCaZsCKCho85YbxtqO3hT1K%2526adurl%253D&y=1&s=&z=0
Frame ID: 40CD7B8C68E9164CA2749A8796D2CB44
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 3702823A86849A22417121D03D8BE440
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Vixan Produktcheck - Bewertung - Produkt im Test » Krank.de

Page URL History Show full URLs

https://login.app.dd58261f4c2eb9476784nalytics.vixan.de/ HTTP 307
https://krank.de/produktcheck/vixan/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

157
Requests

92 %
HTTPS

56 %
IPv6

25
Domains

43
Subdomains

39
IPs

8
Countries

2556 kB
Transfer

7998 kB
Size

21
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.vixan.de/
Title: www.Vixan.de

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://krank.de/produktcheck/vixan/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Check%20out%20this%20article:%20Vixan%20-%20https://krank.de/produktcheck/vixan/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&media=https%3A%2F%2Fkrank.de%2Fwp-content%2Fuploads%2F2020%2F05%2FVixan.jpg&description=Vixan
Title: Pinterest

Search URL Search Domain Scan URL

URL: https://www.facebook.com/krank.de/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Krank_de
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/krank.de/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.app.dd58261f4c2eb9476784nalytics.vixan.de/ HTTP 307
https://krank.de/produktcheck/vixan/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei HTTP 301
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAB1r_IMtWdcy96O-ojyxOo&google_cver=1

Request Chain 74

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYHM.bLNGmHoudMwipmWBwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIFZV4wyyqeULyX-v9B0nEM&google_cver=1

Request Chain 76

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D

Request Chain 77

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1

Request Chain 78

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYHM.fTHH-gAfhwBrZx5cAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQQ_Osl91Z5I_3cFYmlP4s&google_cver=1

Request Chain 80

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D

Request Chain 97

https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7176323234405639%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkrank.de&random=1460736348042&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0 HTTP 302
https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7176323234405639%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkrank.de&random=1460736348042&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1

Request Chain 122

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245

Request Chain 124

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent=

Request Chain 128

https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/83D645D91700784FCECFE8A1C19AEBE670F17504.3E0327E753DA7D595776DE2BA8A5E910622BA6C3/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-5hne6n6l.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8415D68F2FAC14786ED96C4AA2E56164207A781C.411A4095C63BF23DB6CAA777F80339AE11D3B970/key/cms1/cms_redirect/yes/mh/7Y/mip/2a03:1b20:6:f011::1e/mm/42/mn/sn-5hne6n6l/ms/onc/mt/1703004978/mv/u/mvi/3/pl/48/file/file.mp4

157 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
krank.de/produktcheck/vixan/
Redirect Chain

https://login.app.dd58261f4c2eb9476784nalytics.vixan.de/
https://krank.de/produktcheck/vixan/

103 KB
31 KB

77ms
34ms

Document
text/html

35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

732b57831fe378649456c0b82a607c55298567e12653ca2d63471ea748948d1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 17:03:52 GMT
server: nginx
strict-transport-security: max-age=63072000
vary: Accept-Encoding

Redirect headers

content-length: 72
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 17:03:52 GMT
location: https://krank.de/produktcheck/vixan/
x-redirector-id: d6f1c85d6c9744d3bf6ff402936cc2f8c2c558e5d073892a980296c0d0d389af

GET
H2 200 autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css
krank.de/wp-content/cache/autoptimize/css/ 2 MB
300 KB 20ms
19ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

c7c56cd7ca8a63577040a1b8ca4dc8936a7068f5431cbeea37e61ff7de681ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/vixan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Sat, 20 May 2023 11:07:54 GMT
server: nginx
etag: W/"6468aa0a-194212"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ebs_dynamic_css.php
krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ 0
274 B 39ms
39ms Stylesheet
text/css 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/easy-bootstrap-shortcodes/styles/ebs_dynamic_css.php

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/vixan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 65ms
33ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7787
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"03396a6543cd35a0e73d2b4de150841b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKCPDpgbtp%2FtlTFtK4xyA7jXy8rv5%2F2DPRfvx8BX8ut6bxRmVJRDJ%2BMOcDDUSb%2FE6zFXSFsNsH9z6THgfCVSKYpBWC4xWCnZ6rHq%2BWvjuyflPsQhZKYP%2FAF3FzXMRxSQI7r1OXx2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, stale-while-revalidate=30, public
cf-ray: 838138b02f1e1e5a-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 131ms
51ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c257dd41ead6c70f0b5f1e3fd49b988f91a878578d6cb6746aeea2b41c8bb8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 17:03:52 GMT

GET
H2 200 krank-logo.gif
krank.de/wp-content/uploads/2017/09/ 5 KB
5 KB 39ms
38ms Image
image/gif 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/09/krank-logo.gif

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/vixan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Tue, 19 Sep 2017 14:28:58 GMT
server: nginx
etag: "59c129aa-1523"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 5411
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penci-holder.png
krank.de/wp-content/themes/soledad-theme/soledad/images/ 125 B
332 B 39ms
39ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/images/penci-holder.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/vixan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-7d"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 125
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 191ms
113ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c058b31694d10c9b109f3bd8a1426e1b6d80da1e073248a5cee31faf8d1503b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51799
x-xss-protection: 0
server: cafe
etag: 14239516384583265334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:03:52 GMT

GET
H2 200 copyscape-seal-blue-120x100.png
krank.de/wp-content/uploads/2017/02/ 4 KB
4 KB 17ms
16ms Image
image/png 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2017/02/copyscape-seal-blue-120x100.png

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/vixan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Sun, 26 Feb 2017 20:32:54 GMT
server: nginx
etag: "58b33b76-101a"
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 4122
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js Show response
krank.de/wp-content/cache/autoptimize/js/ 370 KB
121 KB 20ms
19ms Script
application/javascript 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/cache/autoptimize/js/autoptimize_8b2e4f5d7e47c6afe7e19f9bc8860dcb.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/vixan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 15:24:24 GMT
server: nginx
etag: W/"63cab228-5c795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 114ms
35ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 15:48:14 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4538
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 19 Dec 2023 17:48:14 GMT

GET
H2 200 fontawesome-webfont.woff2
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 75 KB
76 KB 17ms
17ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-12d68"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 77160
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 penciicon.ttf
krank.de/wp-content/themes/soledad-theme/soledad/fonts/ 33 KB
33 KB 19ms
18ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/themes/soledad-theme/soledad/fonts/penciicon.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Fri, 27 May 2022 19:02:46 GMT
server: nginx
etag: "62912056-8370"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 33648
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 momizat.ttf
krank.de/wp-content/plugins/krank/fonts/icons/momizat/ 102 KB
102 KB 20ms
19ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/icons/momizat/momizat.ttf

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:31 GMT
server: nginx
etag: "59dde70f-19748"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 104264
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/ 18 KB
18 KB 21ms
21ms Font
application/octet-stream 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://krank.de/wp-content/plugins/krank/fonts/glyphicons/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: krank.de
URL: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://krank.de/wp-content/cache/autoptimize/css/autoptimize_76ee0ff2619b0edec858d777d1c4bdc4.css
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Wed, 11 Oct 2017 09:40:40 GMT
server: nginx
etag: "59dde718-466c"
content-type: application/octet-stream
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18028
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 groceries-5216715_640-300x300.jpg
krank.de/wp-content/uploads/2020/05/ 19 KB
19 KB 18ms
17ms Image
image/jpeg 35.204.103.237
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krank.de/wp-content/uploads/2020/05/groceries-5216715_640-300x300.jpg

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.204.103.237 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

word1.hyro.ag

Software

nginx /

Resource Hash

8bddaaa274cff5d99af7c41fc35887a3d4a095358ad6acc0bf4070916bd3c964

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/produktcheck/vixan/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=63072000
last-modified: Sat, 30 May 2020 03:18:57 GMT
server: nginx
etag: "5ed1d0a1-4c36"
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 19510
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sm.24.html Show response
static.addtoany.com/menu/ Frame EEC7 677 B
736 B 28ms
27ms Document
text/html 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 26098
alt-svc: h3=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 838138b098351e5a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 17:03:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCc2Z%2Fcdqzcy%2BxIa7O%2FivcNJedawEMZ5FaE34vIC81dG3L73EuIfojbHw9Yb4XJ0%2BC%2Bx1vCa2pEf44%2FXY8sJLgKk4%2FP2O%2BXLSyU%2BeBMR2%2FQDvtRlmz11DUtSy2h8Bi8T%2BzZ7g65xea5OFt6FVicDU3Q8"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 core.11bfb520.js Show response
static.addtoany.com/menu/modules/ 70 KB
26 KB 41ms
26ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.11bfb520.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25239
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a34c5f06f67d42236ec124345ba1b81c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgZxx2eweURMzSu2a8%2B1zl9e6yJu6yONjqqS%2B5TfHL0reWG3GJSGeLH10fUdmk%2Fkcbz6C6ehNGgm7XoTbvF2iMSfx%2Bh6DvYSU1EH2x67RDE55Vl8YxFH101SlEhGwI6wQuabhkt1LJ4kRPQSOeSzLkVH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 838138b0ad509217-FRA

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

9 KB
4 KB

153ms
75ms

Script
text/javascript

2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

39e7b02b640ded5a95d93431b38dd4c2a920b5a454aa6d681f6896e48e8c6218

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-cLdVhMeClhgWdXhpW5k5-Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-cLdVhMeClhgWdXhpW5k5-Q' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding: br
date: Tue, 19 Dec 2023 17:03:52 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3011
x-xss-protection: 0
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
server: gws
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires: Tue, 19 Dec 2023 17:03:52 GMT

Redirect headers

date: Tue, 19 Dec 2023 16:51:55 GMT
x-content-type-options: nosniff
server: sffe
age: 717
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 267
x-xss-protection: 0
expires: Tue, 19 Dec 2023 17:21:55 GMT

GET
H3 200 facebook.js Show response
static.addtoany.com/menu/svg/icons/ 430 B
867 B 69ms
69ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12923
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3c6ccaafe275b5b477d0400b5847bbce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=phfEa%2BwLgjh0i6F8Nt98TwAStPMmCiPKiJ6IpxFEc7lXZKJElT1VmaBPCE%2BJmxITB%2BYeMHTnrSuHPTcgnc5GFF%2F87Mw7C2Qs4lxYQUt%2BicGvE6fD1eeUyTDRTt2est8aQrOaLKjsBgsuDrJgXL7kfGD9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 838138b0eb7d9944-FRA

GET
H3 200 twitter.js Show response
static.addtoany.com/menu/svg/icons/ 695 B
945 B 71ms
70ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/twitter.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3961
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"31edccd311957616d32bbcad27fcf679"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHphYe0%2FBqh9QQs03AIoYC5xX28KobnVBBHZoYfE9MN9Qz%2B2JQ90mpBKNRNDb%2Bvhd7OjVVHGawnl1pFt%2BbjTHLRstfnUV%2FW%2FXORNiG53cBdBAG7JjuhBEi6U%2B1PRRo883Qsz4ANv1civ2CsfzRUbmq%2BX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 838138b0eb829944-FRA

GET
H3 200 pinterest.js Show response
static.addtoany.com/menu/svg/icons/ 901 B
1 KB 83ms
82ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/pinterest.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12642
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"573fae6e51435ee7155601d053377d81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlX9Rid3OJfMbUpe99RO7XDSj0%2FeVflK%2FdRAyo1iO54sgx2%2BGW2zoJkAjkkgS8M8kwTCQJePGUwQbsQ65LiFtlVscdaVWyIHvIG2vZlj2KkarONsQiEjatKkxXg1ynbFjZYD1R0ES1vTMnjFEV3FHetS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 838138b0eb859944-FRA

GET
H3 200 whatsapp.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 69ms
69ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/whatsapp.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28272
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"6a035bb94747645017c1cfe9f5801857"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hc6p1XjZ%2BWTJlP3SYipsNQUQjqI%2BbsR5RTCna%2FkCuQ6Tbv85B5OpSSiiPaCC2dkn%2B6NhcLZ%2BPDoNhYqavmZ2M%2Bt2ZtM7DkAWAruYY6JeOusdEfuD4pREhGgMtpscgfi0HpN0EhyY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 838138b0eb889944-FRA

GET
H3 200 facebook_messenger.js Show response
static.addtoany.com/menu/svg/icons/ 378 B
795 B 80ms
80ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/facebook_messenger.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21008
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a7acd011eeba6d8c34c891c7c795d4e3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e6nSDyDe%2FLYNJ95sAgGppDQMGsa7hidZWWHqIgtPb44GLKwh5FMRWc0S1F%2BiZ0u84xecVLa8K9Ki%2FFEl1ei5Nd3%2FYPw%2Bt4oeEXp9dcvUkyPwPoLLJoT%2FWFEsn4oO2581gzDY2Yp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 838138b0eb899944-FRA

GET
H3 200 wordpress.js Show response
static.addtoany.com/menu/svg/icons/ 1 KB
1 KB 81ms
81ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/wordpress.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3961
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"fed705ff9e8985758014dc0e4aca605e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5zF%2F%2FKAehG%2FFieyUV8vAW%2F2GbfPgxZh9q%2BUPIpfPybtSOMWclCYhKAAqJZczhfA3cJp89UIRHmr3vzgRO%2BynTY5SrBwCx7dLe7%2Fgz47K6I9%2FfXuMeZD4g2byFHLbzhq8yezHQZI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 838138b0eb8b9944-FRA

GET
H3 200 email.js Show response
static.addtoany.com/menu/svg/icons/ 427 B
836 B 82ms
81ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons/email.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.addtoany.com/menu/modules/core.11bfb520.js
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3961
content-encoding: br
alt-svc: h3=":443"; ma=86400
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"48a669f03d3a3ea93ea22be8f12d6cc2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BR0GgykA%2F8SSi0W6rJz6PqEmehLRvUHyULUOT42mpa6lvuCIjaet2P6q2%2Bl2VgUDbCsw7pnm7XxImS5IysOBh%2B3%2BZWKtbS9xAjXdK%2FpFzRyKgWEcw5XbM11VJIDJqdQsxX%2Fc5XcXU2Y%2FQXGQvHZuDmFX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7776000, stale-while-revalidate=30, public
cf-ray: 838138b0eb8d9944-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e1dc5baf8a68252c111ebb2597263b7f0f94a4bedc1bb9eb6a96fe7594fb034d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 17:03:52 GMT
content-md5: gWlS8+am5F9kHjfZAgoSEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints
x-fb-debug: gzZQ1sHLaj07kp62ale8FPyWfd8MqAdA0Sfzi48Dl+TFlbL2+uB7eBKbIlDmUPPGmqAqRwQoqt5ipvtunuGezw==
x-fb-content-md5: 814d5d116cacc5fe440c0635caa490a7
cross-origin-opener-policy: same-origin-allow-popups
etag: "1bbee5485f9e072dc64e1da10d3fbcc1"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:06:36 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 64ms
16ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: static.addtoany.com
URL: https://static.addtoany.com/menu/modules/core.11bfb520.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:52 GMT
Content-Encoding: gzip
Age: 434
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/668B)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
217 B 43ms
43ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1014792333&t=pageview&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ul=en-us&de=UTF-8&dt=Vixan%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1589446285&gjid=417327604&cid=1510633034.1703005432&tid=UA-75122288-1&_gid=552735074.1703005432&_r=1&_slc=1&z=1397624997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 297 KB
85 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d5a84b63e0db4abba10b874ea041a8b0

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

534ce8ca70861a23af8878f09f33e73005552e4886241e2f691ec08e9cf295a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://krank.de/
Origin: https://krank.de
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 17:03:52 GMT
content-md5: sca3FkKSJL59XTNxcEiMVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86869
reporting-endpoints
x-fb-debug: aBZ37D31+D20yHNuqoDnFbF3pHF6zwXvBzCFLRx4RAvZyJFm7ol3VjAlm6PHQBFMLA4Uoaury/kd1bKXOQKFOA==
x-fb-content-md5: 18dc771bddde28994dcf8bab556b8c1a
cross-origin-opener-policy: same-origin-allow-popups
etag: "7b8774447b7558155c6a284589873a6c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Dec 2024 16:41:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
341 B 55ms
19ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-75122288-1&cid=1510633034.1703005432&jid=1589446285&gjid=417327604&_gid=552735074.1703005432&_u=IEBAAEAAAAAAACAAI~&z=1602026801

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://krank.de/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 17:03:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 52ms
52ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b449768353265b429cd5cc5e3b273f9d8d905a5eea68fa304b6a80006fc706e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84241
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 17:03:52 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response
platform.twitter.com/widgets/ Frame 3136 319 KB
104 KB 16ms
16ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 690122
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Dec 2023 17:03:52 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 48ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-QVNJPTS5GE&gtm=45je3bt0v9100727719&_p=1703005432347&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1510633034.1703005432&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703005432&sct=1&seg=0&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&dt=Vixan%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&en=page_view&_fv=1&_ss=1&_ee=1&tfd=504
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QVNJPTS5GE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3136 869 B
659 B 138ms
116ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cefbb04cd2dbe312919368b429c71a32a42cd4de

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fkrank.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 109
date: Tue, 19 Dec 2023 17:03:51 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 19 Dec 2023 17:03:52 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: cb1f73037536a156
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7469935968
x-connection-hash: 0dde84fad0af607322dec46cda7c51c919e5b06b84f37d63248f2e34b3672d9a
content-length: 337

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7176323234405639&plah=krank.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d599fffe804273a7badc94f53d809094b40a9de15040a9a7af2e0648638a3996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137960
x-xss-protection: 0
server: cafe
etag: 2012914354505434318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:03:52 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame D646 9 KB
4 KB 113ms
35ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63899
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 23:18:53 GMT
etag: 5585625838579639069
expires: Mon, 01 Jan 2024 23:18:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-N88Q73T6W9&gtm=45je3bt0v9135301576&_p=1703005432347&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1510633034.1703005432&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&dt=Vixan%20Produktcheck%20-%20Bewertung%20-%20Produkt%20im%20Test%20%C2%BB%20Krank.de&sid=1703005432&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=562
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N88Q73T6W9&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://krank.de
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cse_element__de.js Show response
www.google.com/cse/static/element/3bd4ac03c21554b3/ 315 KB
105 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/cse_element__de.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

501efd26e0adb1b58e4e630bed3978be00907c298ebb68c6b3c12ba0ca435a0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107398
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 19 Dec 2023 17:03:52 GMT

GET
H2 200 default+de.css
www.google.com/cse/static/element/3bd4ac03c21554b3/ 41 KB
9 KB 47ms
46ms Stylesheet
text/css 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/3bd4ac03c21554b3/default+de.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9068
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 16:53:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: private, max-age=31536000
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 19 Dec 2023 17:03:52 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
2 KB 37ms
37ms Stylesheet
text/css 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=017543789971312272162:83flyji0gei

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 16:57:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 19 Dec 2023 17:47:11 GMT

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 20ms
20ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:52 GMT
Content-Encoding: gzip
Age: 690140
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (frb/668B)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.en.html Show response
platform.twitter.com/widgets/ Frame 1A1C 33 KB
13 KB 16ms
16ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668B) /
Resource Hash: 320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 690134
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12332
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Dec 2023 17:03:52 GMT
Etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/668B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
127 B 119ms
118ms Image
image/gif 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Krank_de%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1703005432769%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=cefbb04cd2dbe312919368b429c71a32a42cd4de

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-response-time: 111
date: Tue, 19 Dec 2023 17:03:52 GMT
strict-transport-security: max-age=631138519
last-modified: Tue, 19 Dec 2023 17:03:52 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 2bde1c1dd657c836
cache-control: must-revalidate, max-age=600
perf: 7469935968
x-connection-hash: 0dde84fad0af607322dec46cda7c51c919e5b06b84f37d63248f2e34b3672d9a
content-length: 43

GET
DATA 200
OK truncated
/ Frame 1A1C 471 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 13A1 220 KB
50 KB 260ms
260ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&adk=1812271804&adf=3025194257&lmt=1703005432&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x540_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005432615&bpp=2&bdt=371&idt=185&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4542955141207&frm=20&pv=2&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=202

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7176323234405639&plah=krank.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af7e9bc6cdfb6091a82d22dbdf6405ba0b72d0f26774cdfa89e0dcdccaaeac4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 51183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v17.0/plugins/ Frame 1338 0
2 KB 124ms
109ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1c4a7f78d2f21%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff197d51fb57f24c%26relation%3Dparent.parent&container_width=82&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d5a84b63e0db4abba10b874ea041a8b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: 6S8dikV/JiSk4Dghq8Sem1J+Sov+LqX3l/BVJHcq0GKtUMnPzyUjjxF7D2pdo1b7BCNnN0QDXaRn/BHiLVIfNA==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 155ms
83ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

656a1eb296fbc789f057ee05bcffe0847e786f202cf53c5489db647b27693e97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12050
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56007
x-xss-protection: 0
server: cafe
etag: 5399100907576838485
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 48E9 712 B
381 B 353ms
353ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=1573539209&pi=t.aa~a.3479421391~i.6~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=2&bdt=953&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5dfa36ef318ce3f9a9bd1ffcdf9fe06b47a145ff325219daad731d8514aee00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33F5 712 B
380 B 351ms
351ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=2557662899&pi=t.aa~a.3479421391~i.11~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=1&bdt=952&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280&nras=3&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=2311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d7652564782396fa6413b79a9254c604a39e048ce295a039c7d3d9fa9c6bc00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 355
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 51BE 712 B
381 B 355ms
355ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=1037788077&pi=t.aa~a.3479421391~i.16~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=1&bdt=952&idt=-M&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280&nras=4&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3038&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=50

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85dc665d9f7d524c1d33a9fa6fe24b1492d9303b7c0d9fdfcdabd5b5845dc6a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A13B 712 B
379 B 350ms
350ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=3195024897&pi=t.aa~a.1793448234~i.28~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433197&bpp=1&bdt=953&idt=1&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280&nras=5&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=4108&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=53

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cff9fb65fc83264255d86501f3999d43eb7e1ba9eebea778bb7420338711953

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v17.0/plugins/ Frame C6DC 0
118 B 111ms
111ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v17.0/plugins/like.php?app_id=0&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4f49cbc3677b8%26domain%3Dkrank.de%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkrank.de%252Ff197d51fb57f24c%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&layout=button&locale=en_US&ref=addtoany&sdk=joey&width=90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=d5a84b63e0db4abba10b874ea041a8b0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
x-content-type-options: nosniff
x-fb-debug: yh5ngoITHRsxcsaNLaMTloYOMWR+b/CyNAwUMJEg0Ar/8/ATcKmHFXQZ12hT/KN6If66I/pjlnoZqp5Z6PkOKQ==
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 3F9F 9 KB
4 KB 35ms
35ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 04BD 9 KB
4 KB 36ms
36ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 8501 9 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 08:54:58 GMT
etag: 5585625838579639069
expires: Tue, 02 Jan 2024 08:54:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 160ms
81ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 3F9F 4 KB
1 KB 126ms
44ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 16:10:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 3F9F 16 KB
7 KB 66ms
37ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:43 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 3F9F 22 KB
9 KB 69ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:16:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53218
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 02:16:55 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 69F8 624 B
246 B 73ms
72ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWmRj8dY3mLDB-ogKp_qEzwXTHaLrpPdSnrxXboRrnuHIapMIwVmd9lf7Bq_B7tuse9YkbjpKTD5_6RjR0VvXLT9prcZK3wvG2Zcvqnqk4J2BxoGWyrrD7SfgFojYos-E_QqkQ4uAPSbfnpgSHgO14AwKZpnJj6cpJGyh5raOoICCgHWYk

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CB52 89 KB
31 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB52 3 KB
1 KB 100ms
78ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CB52 20 KB
8 KB 71ms
48ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB52 203 KB
65 KB 126ms
45ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB52 42 B
63 B 66ms
66ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNCt7-tJ2XNm1l4X35KvCKFDGc8VlHLQPegA1RJID1GYrXf06Jc2_bVjiIN4PNMa3khdsjiuak3QN4EulPaw5HaevVXS1LGhPX6lKfK29SbnC90Lk

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3978 624 B
246 B 74ms
73ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGN_xlIABMAE&v=APEucNXjuoyr8GN73pznpoP1d7j4LFYzxZDlE-zRSMVXTt9Almrz75H0JEE1NrmA5kBv_04O01ChhCl9y690lnWYzL09wd-A8zL1q5Rzb4XsQ7hubtOE3FPQKPsXUD_i4bngw8rWZuT5a1tJXl0dDOs5ON-CPF-RzWwvM_vGPER7bcOT4L7zPvs

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0AE8 89 KB
31 KB 191ms
190ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 0AE8 24 KB
10 KB 58ms
27ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: krank.de
URL: https://krank.de/produktcheck/vixan/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 546544
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Myix1lkVSXRJruIcgJx%2FScYAp9ZHAhSsMmj8LGYXXUvFKltIBu3PQVkknMhcIcLRdAVnygBMeeszt9cZ1aY30PJYhX5dRuaj%2BOoXDGlOKqPxnmCLa0JIcU7GaYDtC0rezuME818%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 838138b6ea7865b6-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0AE8 3 KB
1 KB 92ms
80ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 13:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 13:38:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 0AE8 20 KB
8 KB 84ms
72ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AE8 203 KB
64 KB 181ms
111ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE8 42 B
63 B 66ms
65ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACNtHrm11bZ4N45fZ80852i1z6_I8e5LrJ2tXzPn04wUf_k6ytrb-6nfKj9vtS5aCnyd2fL8gWXMr41xA4tC49PwvbqCgOs_em4l-DArz8dHu9kM4

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 69F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAB1r_IMtWdcy96O-ojyxOo&google_cver=1

43 B
765 B

34ms
34ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAB1r_IMtWdcy96O-ojyxOo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWmRj8dY3mLDB-ogKp_qEzwXTHaLrpPdSnrxXboRrnuHIapMIwVmd9lf7Bq_B7tuse9YkbjpKTD5_6RjR0VvXLT9prcZK3wvG2Zcvqnqk4J2BxoGWyrrD7SfgFojYos-E_QqkQ4uAPSbfnpgSHgO14AwKZpnJj6cpJGyh5raOoICCgHWYk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6uw47eLWLOTvpmkLopvEi1QeZtebStnFnc6hdXGcMTtWWknpODwtDcHY4sJJAp%2BTy7cc%2Bh6UgYwZe3ET9JBEmZwVV0oiajDEUC66mbVBDIM1c8F8sqFCgsnA2aafMA9M8mcn3wfcS0lECw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838138b7fef537fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAB1r_IMtWdcy96O-ojyxOo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 69F8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYHM.bLNGmHoudMwipmWBwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2

43 B
740 B

26ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWmRj8dY3mLDB-ogKp_qEzwXTHaLrpPdSnrxXboRrnuHIapMIwVmd9lf7Bq_B7tuse9YkbjpKTD5_6RjR0VvXLT9prcZK3wvG2Zcvqnqk4J2BxoGWyrrD7SfgFojYos-E_QqkQ4uAPSbfnpgSHgO14AwKZpnJj6cpJGyh5raOoICCgHWYk
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSvCzqjbowZ65iKn%2FNi4sJSmX%2FwUq%2FaaciSCYwh8UPQlInq%2BqGzXXjPm48ij%2BuMnG3dmY5g47IV30fgqGfNWX0Fn%2FaW6Gc8vtHLj97kweJYqb5DCTHdf2WFCZXLjvIn8T0%2Fr3kUVorGNsg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838138b81f2d37fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 69F8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIFZV4wyyqeULyX-v9B0nEM&google_cver=1

43 B
844 B

20ms
19ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIFZV4wyyqeULyX-v9B0nEM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWmRj8dY3mLDB-ogKp_qEzwXTHaLrpPdSnrxXboRrnuHIapMIwVmd9lf7Bq_B7tuse9YkbjpKTD5_6RjR0VvXLT9prcZK3wvG2Zcvqnqk4J2BxoGWyrrD7SfgFojYos-E_QqkQ4uAPSbfnpgSHgO14AwKZpnJj6cpJGyh5raOoICCgHWYk

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
an-x-request-uuid: d65841e4-3ece-469f-a39a-f79956253ce2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.136; 185.213.155.136; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIFZV4wyyqeULyX-v9B0nEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 69F8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D

170 B
243 B

79ms
46ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
an-x-request-uuid: 00b5393a-e1e6-4517-95d5-2a22817e62eb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D
x-proxy-origin: 185.213.155.136; 185.213.155.136; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3978
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1

43 B
737 B

35ms
35ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGN_xlIABMAE&v=APEucNXjuoyr8GN73pznpoP1d7j4LFYzxZDlE-zRSMVXTt9Almrz75H0JEE1NrmA5kBv_04O01ChhCl9y690lnWYzL09wd-A8zL1q5Rzb4XsQ7hubtOE3FPQKPsXUD_i4bngw8rWZuT5a1tJXl0dDOs5ON-CPF-RzWwvM_vGPER7bcOT4L7zPvs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNvyQNUkBDWqM%2FAummG4DwbRn8TRFkO3xXUgpDfAe2BMIJfyHrvteefkt1KCd%2FDm6i%2BJYOZNJQT29VcCyxnI7J5f1cg4slSC0QF56mgCB%2FH2pQQmcJYC7EAuBZfLyBVQee6qkzTcvJ%2BIuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838138b7fefa37fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3978
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYHM.fTHH-gAfhwBrZx5cAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2

43 B
734 B

24ms
24ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGN_xlIABMAE&v=APEucNXjuoyr8GN73pznpoP1d7j4LFYzxZDlE-zRSMVXTt9Almrz75H0JEE1NrmA5kBv_04O01ChhCl9y690lnWYzL09wd-A8zL1q5Rzb4XsQ7hubtOE3FPQKPsXUD_i4bngw8rWZuT5a1tJXl0dDOs5ON-CPF-RzWwvM_vGPER7bcOT4L7zPvs
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aXgPlWI14yB1JSiEMRde566n3EqtbIbPbH8K9ahl%2F184xQO0YNQ%2FKGYUrGB4GX6NVbLzJ1ynwp%2B25qsrwPfdlr5kvfiFxjtNUNlE84yJsWQGahEZ2iOnUT0E8tU7QCWY%2BWiH4iQT4r5BZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 838138b81f3037fd-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFGhGkBqq9N8Z-jr7LbiCoc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3978
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAQQ_Osl91Z5I_3cFYmlP4s&google_cver=1

43 B
842 B

8ms
7ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAQQ_Osl91Z5I_3cFYmlP4s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhDb4oYCGN_xlIABMAE&v=APEucNXjuoyr8GN73pznpoP1d7j4LFYzxZDlE-zRSMVXTt9Almrz75H0JEE1NrmA5kBv_04O01ChhCl9y690lnWYzL09wd-A8zL1q5Rzb4XsQ7hubtOE3FPQKPsXUD_i4bngw8rWZuT5a1tJXl0dDOs5ON-CPF-RzWwvM_vGPER7bcOT4L7zPvs

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
an-x-request-uuid: 4b943bc4-c216-45dc-8c2d-ebab2b843256
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.136; 185.213.155.136; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAQQ_Osl91Z5I_3cFYmlP4s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3978
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D

170 B
232 B

97ms
48ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
an-x-request-uuid: c08e89b7-6216-4073-8016-1d364592cd77
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDYyODkxMDQ3MDM2MDkwNTc1NQ%3D%3D
x-proxy-origin: 185.213.155.136; 185.213.155.136; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB52 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8161985025884&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB52 0
20 B 67ms
67ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8161985025884&version=m202309260101&ct=77&x=1&cor=1064581815932469800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CB52 20 KB
14 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAjESiOI4IR08-KXkUJXk7oKepnqTSXt5Y1Cy0OLjPAd7POlyYTb-vEdoicqpAupKD7TEnZju0k5lz0XhNVvpiUVeteKkoylspRgNwl5wPXM7TIsVIEuO-odQNU5rpYo7GnHYrw47N9olHa4kWCwJdKpFTLu86EnGRkPG1k1WezI1jrss&cry=1&dbm_d=AKAmf-DZq87Wz00H9tgQJ0U5u9cgLK52QxcxVp0g9-e7tKqz-fuZpvXfQ_a4ft1AMMB6IdUuYZBihxN9W1dN_-38A1hqiumY8Er69nlszsyvPc8Pr2cud21HkedO151Bryga640-zac26hZqD8JrkH85pFhAk4LkhNFyGJ-WLjmNL7bBGMxYQ6zMphDdXfXLoL9gZv9Vd1mMDl7g5ciLHDDsgs_SP7keTeWwJ4fMOEZEJZH8Hvg-3Zli5ivN1smTm4PXD8IAtC0inTW1iU731PTwwFh1ybDgJiiYbzHcWpJQUiwAhnmxnNjusoyUHFInFca_XkeMiWexhKyv7jUxOvbLj_NJzy2qwg8kO_BycF9l1GBUL-Rsz8OFOfepI7_eBBob8qHqGn-cjc0cJF-wW4uS-ZYflRPU4djTQ6bXlKl9GNOcdUcnM7HA1nE0v6jBMuIIMLH1Z9xHrRXbiTC9VJPFoh5yeYbU1yYI0v3X9Z5tja4MT9asbA9opR_ILCUd_g7gOhWZkUzLV-crAYvTZg_jQnh7I5havx329HR-jOv9t2v4OuDL24VH6IuiwLurAs-1dufPMZKc987pz0CfQAdoM5z9crMoa0yx1h88feyIZssZuNjPTA27-HRuE2NPijEy7Wuv2ulCGLjBwz8-0rFD9Nj2hxu78208pfJaBw72LoEaDzCgN_5ksQO13nuNoYk68Kiedflq4tIv_7xFexgbhwVWZSg8vLzJ-o3Zd7ohKhfPs57kyyxt3Gab-B8LOa38h_0AHjBTpLkvO8ixCy7jwQ5aRdEI71F4j_A_PBc1ZnMgD1qtzABnNHs4tk1QXChgD0PwnFp_hwFDqy5w1MQLKW3NkfRnRBLQM9OuY7SdCDykNHeMyWA_jjbu7RmjvPUv7EuawcixIakpT8c30g1KYB3lto8QFSvkLJ2ohcVVcfFnP7UngRzoX2azUZqCpthZfAM80PqvWsWE4bYKx3O_Yn8rtgawPjWPdkgQMNvvWiNh5YakgCHv1howw8V9k3RKRC1BnqPomhGvOwS4GjOIwleceS_wg8ifysoFygF3hAvzlr7s9ubIeDU0D167TsGC_DAk-_1YXWe-EOMSAq05cxFEaH6-rmTMBptGiiDEONcWCCB-HNfNFu0xguY5yZK3ohJbyjjFMDyfa6HV5Vp8GcLJm4XYIOfxjLmdPIC8uxxQ9--9kiE1SmcfTav4fdu6AVA6RbThuk_fAlTOAw2QbY0iHz-Y0mNDdeKy3Qaz6UgQijFI9zZXSpUq898awsNPkoancKWUf7AoXE6Rhb5u_T6J5tMtF00LhUd74tdyWeX8JFOTYqx5jeumMCmts5tRbYDNZLGjPjvr10N7K0tZmJlWRT1DqlFxTrJJU3gJ7VcSogY9sfmYHgoXQXX2h8EyPMM2IgzNrk4ap2apytH3Lgnh37WymoMCVyUs6EA7BBRJiLvqKLMr_8p7xzUopehFDZCeiafjpE4ULWq4QHZ7EEuUzjptYQYiN4WdfqTD2rlUBygXpljI1Yt6ce-iT_vlYoAoB1l3GZ1LQO4NQ_0LX-28RDhRrOC8ZJ6vMsZ24vB7GI5rXXG7nSoPEoX20HjusjiujwMtNK47noCW-ZNvlX5txdtW8qGxIkCu3ojX1MBaxJTW5O3ozBug8JISgQK8kKMMx2r2qTbe8jRrwsKNPo5FP9mItsFj5QIQCzTaLOpWdV7f0yuo2EgS-UHE8qLv7jMbiOLrWPMcHON0LfrZ9VPkwcjMJ5gICknNt2dS2v_qbRcw6F17oDYrTrX0c8Sv1_MJRwKbOP9PmxTBvB8I9jZ2FUTv3KdARKQIvIAw021w6jDX8KUcs6qj1yGzn1PWHgeDqaaDW4F5lh08tZtomYAE-mSVohRvP-zdovXEUvvZs-k_Astknxwtjnws0r7XHVYMM_Evvp39ZfaOmY-AhkU-DRlB0WtewpWGigjGrOnXCzXVVvbdMzanuw97w3vX2K7xoCgq2THgqdlhY3612Mgdh5gT-5qz5G9PiobqcdMGzJU5hWfX4MgwmILoVUuPNNT78MbCu4HD7muvpFAKje9lq4sFBLSPiqpsxJQhqBAAlMExykCrV6ZlHWvr4yrC0aEYZdpLklJduD3BYGm-rZUe5IY7DdEUZXoYY_j_cVpIXrWNPgfDg7WdipQeN0ApOZhBgbeG1BGGW5u3EyAU4FSSeNrxN0e1Ai5gV2_wAE18mu-kQn9nYeIT1uLwqzimpYEqI-QSsdkwH_orqVlGyPjT1VDxyK0IcNR3WVSTVG-7BdGe-JSzkBShSGahvVFEc-0kt9kBZFiQPa18opPC9owIXT0uIL8cR3VeI0uz9LSVChDkMALUfzqvylAqR4dAXAbtw0uKuh0XPNlEOm9btuC0fSLWX3NZ5kj773zD3VZNRl_3vK5Pes2USE9qY04h4ZCZADzkdDv5cglaUzVjpRh1kP1eFfqO5-e6UrqYACx2njMjfP0NmhjOJ3l2KuPJ_0l5IYvLs1suPaDb-QJuJRItnKdTN4uL72wXjfCNEN9IQjHKHtK66pg15VkaZYVfVukiZQrXYtjpuSrgZkhqf7yCOMoy9Fttmj-jpymQL3R4PlPGMrO-19yg7lwgTu3L7XN_tsaW6XbFDsPvmmr31Zl6J55otz8r4720dcaanS3CArOU2g2uKasrrLtHK4Kb56QYEByJyBM3JmZ-dD__oQ3H8-6x-R-QnnQJDAgrSBvqU-qWnsXfnRjo5IyymvN7Iz0Q56opp31evpHoiGu9p1tLExkC0AaSwPGdFjg9LvnLyf0pQryUx9FZi18PGByjrPGnUdyzhGl0wQtAAzkLka0qbmA7i7Rm4kBQ9QZLYcFVi2kZCkRv8bgbOjS8eFARrII7umx7rG2oHIqI35Q7A2A7nWguM4hyfI-fxtU-OiCrS4yprn--qLBmzVP7CEecUbSeaQKqaG-c9OpiDAzWTbXXjK_aBSb6_brcvnP3YHExsH3hQsOoAhAyAJh7MQc-oRUNWH3RaLvi3T_czs44-Vt9Wx3uoO8RliHeNj_d8wan87J46jEkzQgabmMZy9t2_-o9AQgiLvHduuB5FGG7rXetjMRnOwvQHwfgW-eewFGMC31Z5AjOkZVqolm8jRUWJV-qYMUdcck8gVtZApweOW26SHea2Y6FJhyqeirgVRrbvqKr5qYKuTVILzAXq41l9Og_-1N5siVIvUoH4Kp7pOIJOqd2pTitxl8Y94MARdhxfoOWUIAlY3_2vz5NHmGSf5XXE09Bl95oEOXZ24PPUguVha6uO1-gfK5NZznRYG1sUH1NfiGgWBj3W_9ywCisItt9N-7SYIfQA389Llv9B0DJYIuMhN7H-kvyS5Dd7d1PWCwAriflKA04D4NPL3SGMHXKHh5bNFJYzGaVVayOzdQBOqEm7GECJykppEpwNH6kQCIPUcNj3V_66004jV7_Ta5lJ2d-vzBcDravFj-u1ZI9LbG_dKN_Fs0QaTWpGme60c3L69nfrYBA73FOebuFeMLMJGYvIhhBwJooYYT0AG1kCRlno0O1cngBeoTYoIdl_2ad7YoqYtyIXXp20HOQY67kxyj2Le0eMfyV0Pun7mWW5djBF9nM6KErNdhLXcSBb3GGvJKUNjXnj0hAoZlXvX99TaoKB6xFLIulyFwDbvxsSdJDFXXuiUTXvCoyzckgyj13d2hjBA80xxJ41x05bFJo6Gw62NP_7piGkUQl-e44oO1hETgfZ_9NRYGPO_bgQ6JAT-W219n2gGcm8DpSM9StmfFOSuAplXUinaxMMelVc193FmfgGmvvnBFos_o6JWAPF771kknPW_RZPmXS0tN9ZoDdDqkCcYbOIi4eOR8dOl_-e92vJ4f0FcnK5P-Q2LB2leo6IkiEi-9Ajco0iovhDszZiDPQdZjyt0_0Iwafrf6Ep44q6rro3z2sZxSTcnSWIajb0MEv4_tthdZ2vWbyhdcintbxXXvQD4gjJHEkukqbX6fZ6XpyR5TCNq6dMr-Kzuc5335WSLaBfHw6JKxO5bnAkn-hb_m7YvUCMbQS3R5EyA&cid=CAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkrank.de%2F&ds=l&xdt=1&iif=1&cor=1064581815932469800&adk=3062569611&idt=93&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf975f34a79e3892a2458d9815080b136b4a2bbeb97588918d05e2e360bec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13889
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4A62 13 KB
5 KB 36ms
35ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 13:39:04 GMT
expires: Wed, 18 Dec 2024 13:39:04 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A170 829 B
560 B 47ms
46ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ac3338ea07141915c27dc3c376ececa51364fda6191be42b721740a014ac7b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OdyHhF2QgXNfMXAZKtKXfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OdyHhF2QgXNfMXAZKtKXfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 19 Dec 2023 17:03:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5C1A 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 23:00:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 23:00:17 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5C1A 8 KB
823 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 15:48:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 5C1A 15 KB
3 KB 122ms
36ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 03:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50279
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 03:05:54 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 5C1A 376 KB
131 KB 123ms
37ms Script
text/javascript 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 13:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133672
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 11:34:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 13:38:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5C1A 20 KB
8 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 01:54:19 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4A62 39 KB
15 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A170 0
0 70ms
69ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=4179629922089674&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame CB52 41 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DAjESiOI4IR08-KXkUJXk7oKepnqTSXt5Y1Cy0OLjPAd7POlyYTb-vEdoicqpAupKD7TEnZju0k5lz0XhNVvpiUVeteKkoylspRgNwl5wPXM7TIsVIEuO-odQNU5rpYo7GnHYrw47N9olHa4kWCwJdKpFTLu86EnGRkPG1k1WezI1jrss&cry=1&dbm_d=AKAmf-DZq87Wz00H9tgQJ0U5u9cgLK52QxcxVp0g9-e7tKqz-fuZpvXfQ_a4ft1AMMB6IdUuYZBihxN9W1dN_-38A1hqiumY8Er69nlszsyvPc8Pr2cud21HkedO151Bryga640-zac26hZqD8JrkH85pFhAk4LkhNFyGJ-WLjmNL7bBGMxYQ6zMphDdXfXLoL9gZv9Vd1mMDl7g5ciLHDDsgs_SP7keTeWwJ4fMOEZEJZH8Hvg-3Zli5ivN1smTm4PXD8IAtC0inTW1iU731PTwwFh1ybDgJiiYbzHcWpJQUiwAhnmxnNjusoyUHFInFca_XkeMiWexhKyv7jUxOvbLj_NJzy2qwg8kO_BycF9l1GBUL-Rsz8OFOfepI7_eBBob8qHqGn-cjc0cJF-wW4uS-ZYflRPU4djTQ6bXlKl9GNOcdUcnM7HA1nE0v6jBMuIIMLH1Z9xHrRXbiTC9VJPFoh5yeYbU1yYI0v3X9Z5tja4MT9asbA9opR_ILCUd_g7gOhWZkUzLV-crAYvTZg_jQnh7I5havx329HR-jOv9t2v4OuDL24VH6IuiwLurAs-1dufPMZKc987pz0CfQAdoM5z9crMoa0yx1h88feyIZssZuNjPTA27-HRuE2NPijEy7Wuv2ulCGLjBwz8-0rFD9Nj2hxu78208pfJaBw72LoEaDzCgN_5ksQO13nuNoYk68Kiedflq4tIv_7xFexgbhwVWZSg8vLzJ-o3Zd7ohKhfPs57kyyxt3Gab-B8LOa38h_0AHjBTpLkvO8ixCy7jwQ5aRdEI71F4j_A_PBc1ZnMgD1qtzABnNHs4tk1QXChgD0PwnFp_hwFDqy5w1MQLKW3NkfRnRBLQM9OuY7SdCDykNHeMyWA_jjbu7RmjvPUv7EuawcixIakpT8c30g1KYB3lto8QFSvkLJ2ohcVVcfFnP7UngRzoX2azUZqCpthZfAM80PqvWsWE4bYKx3O_Yn8rtgawPjWPdkgQMNvvWiNh5YakgCHv1howw8V9k3RKRC1BnqPomhGvOwS4GjOIwleceS_wg8ifysoFygF3hAvzlr7s9ubIeDU0D167TsGC_DAk-_1YXWe-EOMSAq05cxFEaH6-rmTMBptGiiDEONcWCCB-HNfNFu0xguY5yZK3ohJbyjjFMDyfa6HV5Vp8GcLJm4XYIOfxjLmdPIC8uxxQ9--9kiE1SmcfTav4fdu6AVA6RbThuk_fAlTOAw2QbY0iHz-Y0mNDdeKy3Qaz6UgQijFI9zZXSpUq898awsNPkoancKWUf7AoXE6Rhb5u_T6J5tMtF00LhUd74tdyWeX8JFOTYqx5jeumMCmts5tRbYDNZLGjPjvr10N7K0tZmJlWRT1DqlFxTrJJU3gJ7VcSogY9sfmYHgoXQXX2h8EyPMM2IgzNrk4ap2apytH3Lgnh37WymoMCVyUs6EA7BBRJiLvqKLMr_8p7xzUopehFDZCeiafjpE4ULWq4QHZ7EEuUzjptYQYiN4WdfqTD2rlUBygXpljI1Yt6ce-iT_vlYoAoB1l3GZ1LQO4NQ_0LX-28RDhRrOC8ZJ6vMsZ24vB7GI5rXXG7nSoPEoX20HjusjiujwMtNK47noCW-ZNvlX5txdtW8qGxIkCu3ojX1MBaxJTW5O3ozBug8JISgQK8kKMMx2r2qTbe8jRrwsKNPo5FP9mItsFj5QIQCzTaLOpWdV7f0yuo2EgS-UHE8qLv7jMbiOLrWPMcHON0LfrZ9VPkwcjMJ5gICknNt2dS2v_qbRcw6F17oDYrTrX0c8Sv1_MJRwKbOP9PmxTBvB8I9jZ2FUTv3KdARKQIvIAw021w6jDX8KUcs6qj1yGzn1PWHgeDqaaDW4F5lh08tZtomYAE-mSVohRvP-zdovXEUvvZs-k_Astknxwtjnws0r7XHVYMM_Evvp39ZfaOmY-AhkU-DRlB0WtewpWGigjGrOnXCzXVVvbdMzanuw97w3vX2K7xoCgq2THgqdlhY3612Mgdh5gT-5qz5G9PiobqcdMGzJU5hWfX4MgwmILoVUuPNNT78MbCu4HD7muvpFAKje9lq4sFBLSPiqpsxJQhqBAAlMExykCrV6ZlHWvr4yrC0aEYZdpLklJduD3BYGm-rZUe5IY7DdEUZXoYY_j_cVpIXrWNPgfDg7WdipQeN0ApOZhBgbeG1BGGW5u3EyAU4FSSeNrxN0e1Ai5gV2_wAE18mu-kQn9nYeIT1uLwqzimpYEqI-QSsdkwH_orqVlGyPjT1VDxyK0IcNR3WVSTVG-7BdGe-JSzkBShSGahvVFEc-0kt9kBZFiQPa18opPC9owIXT0uIL8cR3VeI0uz9LSVChDkMALUfzqvylAqR4dAXAbtw0uKuh0XPNlEOm9btuC0fSLWX3NZ5kj773zD3VZNRl_3vK5Pes2USE9qY04h4ZCZADzkdDv5cglaUzVjpRh1kP1eFfqO5-e6UrqYACx2njMjfP0NmhjOJ3l2KuPJ_0l5IYvLs1suPaDb-QJuJRItnKdTN4uL72wXjfCNEN9IQjHKHtK66pg15VkaZYVfVukiZQrXYtjpuSrgZkhqf7yCOMoy9Fttmj-jpymQL3R4PlPGMrO-19yg7lwgTu3L7XN_tsaW6XbFDsPvmmr31Zl6J55otz8r4720dcaanS3CArOU2g2uKasrrLtHK4Kb56QYEByJyBM3JmZ-dD__oQ3H8-6x-R-QnnQJDAgrSBvqU-qWnsXfnRjo5IyymvN7Iz0Q56opp31evpHoiGu9p1tLExkC0AaSwPGdFjg9LvnLyf0pQryUx9FZi18PGByjrPGnUdyzhGl0wQtAAzkLka0qbmA7i7Rm4kBQ9QZLYcFVi2kZCkRv8bgbOjS8eFARrII7umx7rG2oHIqI35Q7A2A7nWguM4hyfI-fxtU-OiCrS4yprn--qLBmzVP7CEecUbSeaQKqaG-c9OpiDAzWTbXXjK_aBSb6_brcvnP3YHExsH3hQsOoAhAyAJh7MQc-oRUNWH3RaLvi3T_czs44-Vt9Wx3uoO8RliHeNj_d8wan87J46jEkzQgabmMZy9t2_-o9AQgiLvHduuB5FGG7rXetjMRnOwvQHwfgW-eewFGMC31Z5AjOkZVqolm8jRUWJV-qYMUdcck8gVtZApweOW26SHea2Y6FJhyqeirgVRrbvqKr5qYKuTVILzAXq41l9Og_-1N5siVIvUoH4Kp7pOIJOqd2pTitxl8Y94MARdhxfoOWUIAlY3_2vz5NHmGSf5XXE09Bl95oEOXZ24PPUguVha6uO1-gfK5NZznRYG1sUH1NfiGgWBj3W_9ywCisItt9N-7SYIfQA389Llv9B0DJYIuMhN7H-kvyS5Dd7d1PWCwAriflKA04D4NPL3SGMHXKHh5bNFJYzGaVVayOzdQBOqEm7GECJykppEpwNH6kQCIPUcNj3V_66004jV7_Ta5lJ2d-vzBcDravFj-u1ZI9LbG_dKN_Fs0QaTWpGme60c3L69nfrYBA73FOebuFeMLMJGYvIhhBwJooYYT0AG1kCRlno0O1cngBeoTYoIdl_2ad7YoqYtyIXXp20HOQY67kxyj2Le0eMfyV0Pun7mWW5djBF9nM6KErNdhLXcSBb3GGvJKUNjXnj0hAoZlXvX99TaoKB6xFLIulyFwDbvxsSdJDFXXuiUTXvCoyzckgyj13d2hjBA80xxJ41x05bFJo6Gw62NP_7piGkUQl-e44oO1hETgfZ_9NRYGPO_bgQ6JAT-W219n2gGcm8DpSM9StmfFOSuAplXUinaxMMelVc193FmfgGmvvnBFos_o6JWAPF771kknPW_RZPmXS0tN9ZoDdDqkCcYbOIi4eOR8dOl_-e92vJ4f0FcnK5P-Q2LB2leo6IkiEi-9Ajco0iovhDszZiDPQdZjyt0_0Iwafrf6Ep44q6rro3z2sZxSTcnSWIajb0MEv4_tthdZ2vWbyhdcintbxXXvQD4gjJHEkukqbX6fZ6XpyR5TCNq6dMr-Kzuc5335WSLaBfHw6JKxO5bnAkn-hb_m7YvUCMbQS3R5EyA&cid=CAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkrank.de%2F&ds=l&xdt=1&iif=1&cor=1064581815932469800&adk=3062569611&idt=93&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzAwNTQzMzUwMzk3NAogIHNlcnZlcl9pcDogMTM0MDYxNzQxCiAgcHJvY2Vzc19pZDogMzAwMzI2MDE3OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame CB52 0
868 B 159ms
70ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzAwNTQzMzUwMzk3NAogIHNlcnZlcl9pcDogMTM0MDYxNzQxCiAgcHJvY2Vzc19pZDogMzAwMzI2MDE3OAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA4MzMzNzk0MTE2ODI1MDI4NjAxCmRlYnVnX2tleTogNTQzMTIwODI2NDY4NzIzMTM4CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0xOSIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDExODY4OTQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzMyMTc1NDM3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzgyNDM2OTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTY2NjAxNDIwNjMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MTYyMTY3ODcKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjEuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMi5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xc806535ab67f4cf20000000000000000","13":"0x9c2f4c37340d27390000000000000000","14":"0x346f50f54d6cdb9d0000000000000000","15":"0xa0696562f32876ed0000000000000000"},"debug_key":"543120826468723138","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"8333794116825028601"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 33lgkyejwpt3 Show response
hal9000.redintelligence.net/zone/ Frame CB52 12 KB
4 KB 45ms
12ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1703005432850686&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5582bbf1c3b406ffdbd9e1d13670811b5ead487a3ca596426772bd33103822ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4231
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 23CA 38 KB
13 KB 35ms
35ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900014.redintelligence.net/ Frame CB52
Redirect Chain

https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

104ms
83ms

Script
application/x-javascript

176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7176323234405639%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkrank.de&random=1460736348042&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 9c67bd9283586303267078c965ea74d4f400c0f931b2a39f938eebcacd3bcbfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 17:03:53 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 39692800100716904444556012543014
Connection: close
Content-Length: 1328
Expires: Tue, 19 Dec 2023 17:03:53 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 17:03:53 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7176323234405639%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkrank.de&random=1460736348042&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 19 Dec 2023 17:03:53 +0100

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE8 0
20 B 66ms
65ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8677001633348&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE8 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8677001633348&version=m202309260101&ct=77&x=1&cor=11330648608070371000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0AE8 34 KB
19 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhcVss10iPk1ZHs5_BvIKiOAXLzTENtjoNvQz55mY6Idl20H3woB52ZRlwr_ezfUNTj7yRGSbGHJpp3wj1xSlg3zdJ8HzY5sOkm-ZTMs-nU_gfkhCf2MyucY6jlY7KGbWm6YuulUlY3rlFIl6u6em9N7GqqIQfXbCTZTl-Le2YKuhdo4I&cry=1&dbm_d=AKAmf-BisM45uZTyz20EzWmyy_Axgg85tk4rnqJO6YH0oVqGvN-lFKWxKNjZNIZjXsQaqBUhM0ii9YJ2u9kKbOp3S9A8iU7onoMI0Hh38C4xqodWGIe6-efe-FXSsJXHsua2zyrm5aVf5pA2A8cAAYONGDW9sCSwCRISjevUc6GvntFG9fe9gQk5YqOlIxXXaJZIFZLx6d1uKeLPgn9dhoKud_eoZz6CaB7UZlhmNhixTubIxwl9_g6CumchrOA1qxIDPfZzvS9LPE0VJrw9PZOTrsmPvklX_Wa3MlnXrOOAl90fUIDHrrR3oINBA7Jx3KAuSS9RhD9nNsPqLND8dHG4P7VSgWbPWPUH6Uq-x1JYV14QuVTAvORulEqlsvnJwpTFs7IqidsF-Gnd6eYAbXyJ_m8Qm9zU_uoj36Pxpj4Wxw0YzA3lRrgO3GSDs6buwzyyEN-MPCNIIXmuAmJG4wahU6O0xchBQ4kqEazw9MjPnen1o9yJXrphN3cwNa4kg2vkrbhvcNXjyAQykzQDuQNcPH4uv2EFsiZBzVVXLwcxQNKZscvIOknZzztdR-UdP-uL681SQXwa9JuzD4ISByzoJ5aLUcvwNqLAGOP37IiaJC-ve1Voz2G-aQr6ACwZgdc6ZBB7vH6SBpPTPeb36EtjZ4vkuZs78z546qj8OdoJc7grxBxhOO_L0Ip7jRuhdyiyDIKviWpuh3iJMW7VG4k_Py9eoRD-xdmtnZRSdZVeVxwZTbSgiAmlmAVbQap8xwTKp6ogvPpo7JvSxkDsDhfPx8djZVLYuYM2JaTjft9RItZLufOp7lsm87h1nDs64eiig-x77j0qtUpFRqWJ8Vzu4EZygcBqA_BzN_8FMak3Y-3NAk3UDvjuZaW1OXfeBgK2zz1ZXrQmZjcC3hwHr0m369v--2eBZMLFm7zljAtFzCSJppYAKbxjeY0UC0kxWobwPEFvDJ6TGK-QUi7Hd7fEgtKz-3tGynqD2EiGgsAi9xPJr_Hm-FiWK-OD9FfyRRpjbnmVWFftaI_Z4X9mVxZq5e3DdS_ZxtFKxG1RMXzSE2KCAKDAvzqyvgR8cagUYJbabR1EVW8MVJByp9hR52qT1PrYlM17QUBy5aWzKsqdl1zyFcE56VfI4S-rJQWFOM4T3RMnDjUl7FdqUiTWx6SRQKhkRDyNwVQ5AkzHKQN13hSqkoGkTe2IQ-X6wNvz5MxMO6zR2ZdGCc0eoj_F3Qc16pJMlNiQpEIhW7de7PhNYzaNRSzzl1KgpFqzIyQ7AK6i5TjXbrNjM77UwCEJsbGA2M7hyQjLRhM4YLE5A1-RTODemkb88fE6EGwwTnRHbIYh4ddnU9d3gmhqhoKoICYYTUnrqXdOdJuhPZ8QxuL6XNsHPVUgJPoley_h0QZd2TeL9sOker9ZVexrntrRdfMZgnXaSkY4osAsn92PG5bhORYLtwle3oBdAp1lCUpF20FSKoGdf6DieFEQTcfGo-r_hhA7fBYN6zEMtKOGEcnwg1SVXkkFz9qiGo6q2usK1tWdmn_6vp1Tqosh6TQIgZ5uBQ7S0OkVJtEubKCuhjEB41fyHSYmKge5AEOfxxknaIjnj_F-VflYm6zo7UPnMqjzGQtaI7LCLYLJbt7Q06JPlkFwRQZ1mP9sHrAlsn9HyGzqsdNqApkoQPP_KAJ0197Zv-46eIznqdq2AJ2w5s0OaBCD6fXeeGRWX2pGIK-ti9lzqfSYQk1JROFnjt-SEMC6VR6JHouIaAk5zAboggyzDdFY9ss_URTvw8hn5PxnDg7j2chWkEm4xRBUOKIz_TJx_Rec4YMtp0DuEzMwSQ9KKbqAmFfbhUnc3mwBPhZkTvcJDArp0CAzo5yiRExntFQa_RJjY7f5ZrA8rlbofWz9QhNhciQfYwzpmpE1CDWbWzMMPMmbyV35Lz0nryalKXXQKw4SqgQRgks_vUdkUr8tfzgmYLwBW-5MZj2X9N3cwYirJSRD4FQsXXGOASY7KiQrONSm2UQ43CjhIZ3zTJjp9ycYrwYahbpJc3JgIca1Y53IlkbIkCUVzPwLnKKgfqQrv5bgLDYlITA8SdGWatW3o6xA3a2nkn7cHOTDikSe04VhUwx7w_pGvPUDGeVNPfesY0Gr5GbNqex2JGIhgM_pQwRUhs4gaeFCubWqWAvo_71epOj_mlha2pE0ELjOOd3fPUj0FE2Kjle8dp1wNxyaiahTGUl8flvIK_vVgySq6_KSTbX8lDbZZTTPkaMvQVIbXqZz3WF27o1Wju_FcDau_jOoOiwBDE6F3R4NRmbakm4w4drSF7ddb6ELtS7Nq7x9pz4TPAx5slTTDqPxGF4Kc2VRfvrzNGNZvtcY3GtqOUcLpboDRY41h8_BIlLc3lVnA7FkbLwxq14QksIybI9OK47xBWvxmzZydJELlHVCFO7v3fAkhqf_BsknGq9yytdY8SmWB701c5u-q2Bil0yCpU6OMe2FD17Bj_NeP2mGIkuxMAP2G4V7im0CXimHS0QIIv9JEbFNR1SoUhL1rlwnmA13Q4dc-x2W4WLf5Q_fbJTq16iAB6YiwTfJto4y50FnTfIFJhJ1j9gfx8l5mjNWfb60xuuZNRcXpLcgxq7TjWqVXBpwyJ19H6hbPH4FRTUHj1IWm-6sDDYYtcjIJfxjyuL3e1DmMWF8FjDb1KTtY-6bCqc2TI08djO3e4t-iY4acLwexIM-IBqQm30zDA80TK-h-bCnEGCyrFBSXHStjTrEOUBA8WZE1ioEF1R1CoPttdIL7q9bf55OtOeIF_TeV4prjdxgl2jpeu6CRaSPOz99saX2guGa2N27NEWQNOm9Atdd4js1SaXppvOG6dpYSZQ_-GZL-3myAfMSbCeqaR8fv3OUkbQRxffrzQaQIrua2esaPGATXTUEOQLEJsNDFd73I4JflP7nXN3ThtWCMz9FSxwd5Lfk67jlF8JeHlmrwokYHpVqfRjx3ojf-EbNiyuyFvMFdAX368M4l6BgRGAKWPxqWhyae7cc1GY0Du1ahXwpy2_bEACGn_uE9YOjz4CrQqig_mZUVG8tB8c5iYROaWoBDmTlaBQMc4gIxIyvmEQTzYMRgGLJXsVbKJ9FsO436cu7dbZEXHG42GTbDcE774ZMIYWap-GF0IZEsRhCbwkwO-nts-qFHv0w2Py6UNNIljX9AsZ1y4owZ1h-h_LajIvDSJFKXLwEi1VLz98IpZXpLrfZZsOYoaEtTDFMkIfoXvD97r2sg-G6KG_9jbG3MC1U1wQggZGX5OGDzTUyYfcSHJnA50S2Rik4BQnymifwwovnMwAwl1YTjBIJSsH9tM2QFAXBlVeSgOVRWL37UMYtEi_CXyRyuhygrsgjAl5I9eeK7scc9b2C6cv4K46RrZQ_QKDQh8nL72oJ7_rCyyaVusvDtkoQ8YgSNu-WVdKvOXssyHdVllXSKHUlNVUUhRavhKO_MtiT0eihVobn93YyCieOBxeYLK3v5aD8EEp-r6zDhWT_GEqaWTpy1yHWqguIhfKbdiMOh1STWhq1nLrer3Bfm555pWTogIggz_odi_cG2NCZIxguJ8ymc7kJ_xhd69zu-notrl9jAE9XMG-qtolNCwb9Y_qklhRpvcf-C9iV0CSVqLCFYTJVRwpxceVZa6wc_mkwpUyuVzqiok5-HUNQk0Q5LIiIK9ORZTgxEimUwt0U8MKCEjTaLu9h1fClvu4mH13OHnKv3ng2NZU-W1NXNlYAXRNMAOejDPjMG2JsjlOItPbfuxmzMPc1rcfgrg8b4zN335D4HWiS-9855bm2phAsqnBavCREblclC7k3jPCydXCALB47GbE95CH3NSXRLkgoz6Je84lOmAeXq5xFCT8Y7c5vpwrAYAehgpS-OrlE_oUFg5CB4FzX-7-qpTfVDwPb-avPk_u_Vsigk0VuULOkUFPAcUkV9U-MC9Fz5lrGn58S9a7QNx5Mp7fC_G58IL4kRrJ_FFhqRtrXB9RQQ1T2Th-nHjbCPIAwXzM9fmdMXfFWx_zSx2B-TEk0pHxvVLhkn9UIifCAyaFtWUU3UWO-vhRf7rA0J5Tanc57AsQ&cid=CAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkrank.de%2F&ds=l&xdt=1&iif=1&cor=11330648608070371000&adk=1935140219&idt=231&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adf617fd002c6a4d5e9961270bcb6b3933aff9b9212d3ae268da98d305b0032e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19890
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 224B 436 B
233 B 356ms
356ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7176323234405639&output=html&h=280&adk=1451227432&adf=4003555302&pi=t.aa~a.3479421391~i.34~rp.4&w=1140&fwrn=4&fwrnh=100&lmt=1703005433&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8954591145&ad_type=text_image&format=1140x280&url=https%3A%2F%2Fkrank.de%2Fproduktcheck%2Fvixan%2F&ea=0&fwr=0&pra=3&rh=200&rw=1140&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703005433201&bpp=1&bdt=957&idt=0&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D280d198f35ef14ab%3AT%3D1703005433%3ART%3D1703005433%3AS%3DALNI_MZkZmmDfd0IpYA5gsHEYaQonRfc3Q&gpic=UID%3D00000d21bb029fba%3AT%3D1703005433%3ART%3D1703005433%3AS%3DALNI_MaVuM8Nv7UaMLTXiYV1bYztsc-SDA&prev_fmts=0x0%2C1140x280%2C1140x280%2C1140x280%2C1140x280%2C1600x1200%2C160x600%2C728x90&nras=9&correlator=4542955141207&frm=20&pv=1&ga_vid=1510633034.1703005432&ga_sid=1703005433&ga_hid=1014792333&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=3999&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44798934%2C95320885&oid=2&pvsid=4179629922089674&tmod=1913693384&uas=0&nvt=1&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=7&uci=a!7&btvi=7&fsb=1&dtd=451

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe6d9c86fdd5027d5612a2caa2648289b934cc7b8a324f32514c04eaf815644

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://krank.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4A62 0
10 B 35ms
35ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MyZOUw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 23CA 39 KB
15 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 0AE8 31 KB
12 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BhcVss10iPk1ZHs5_BvIKiOAXLzTENtjoNvQz55mY6Idl20H3woB52ZRlwr_ezfUNTj7yRGSbGHJpp3wj1xSlg3zdJ8HzY5sOkm-ZTMs-nU_gfkhCf2MyucY6jlY7KGbWm6YuulUlY3rlFIl6u6em9N7GqqIQfXbCTZTl-Le2YKuhdo4I&cry=1&dbm_d=AKAmf-BisM45uZTyz20EzWmyy_Axgg85tk4rnqJO6YH0oVqGvN-lFKWxKNjZNIZjXsQaqBUhM0ii9YJ2u9kKbOp3S9A8iU7onoMI0Hh38C4xqodWGIe6-efe-FXSsJXHsua2zyrm5aVf5pA2A8cAAYONGDW9sCSwCRISjevUc6GvntFG9fe9gQk5YqOlIxXXaJZIFZLx6d1uKeLPgn9dhoKud_eoZz6CaB7UZlhmNhixTubIxwl9_g6CumchrOA1qxIDPfZzvS9LPE0VJrw9PZOTrsmPvklX_Wa3MlnXrOOAl90fUIDHrrR3oINBA7Jx3KAuSS9RhD9nNsPqLND8dHG4P7VSgWbPWPUH6Uq-x1JYV14QuVTAvORulEqlsvnJwpTFs7IqidsF-Gnd6eYAbXyJ_m8Qm9zU_uoj36Pxpj4Wxw0YzA3lRrgO3GSDs6buwzyyEN-MPCNIIXmuAmJG4wahU6O0xchBQ4kqEazw9MjPnen1o9yJXrphN3cwNa4kg2vkrbhvcNXjyAQykzQDuQNcPH4uv2EFsiZBzVVXLwcxQNKZscvIOknZzztdR-UdP-uL681SQXwa9JuzD4ISByzoJ5aLUcvwNqLAGOP37IiaJC-ve1Voz2G-aQr6ACwZgdc6ZBB7vH6SBpPTPeb36EtjZ4vkuZs78z546qj8OdoJc7grxBxhOO_L0Ip7jRuhdyiyDIKviWpuh3iJMW7VG4k_Py9eoRD-xdmtnZRSdZVeVxwZTbSgiAmlmAVbQap8xwTKp6ogvPpo7JvSxkDsDhfPx8djZVLYuYM2JaTjft9RItZLufOp7lsm87h1nDs64eiig-x77j0qtUpFRqWJ8Vzu4EZygcBqA_BzN_8FMak3Y-3NAk3UDvjuZaW1OXfeBgK2zz1ZXrQmZjcC3hwHr0m369v--2eBZMLFm7zljAtFzCSJppYAKbxjeY0UC0kxWobwPEFvDJ6TGK-QUi7Hd7fEgtKz-3tGynqD2EiGgsAi9xPJr_Hm-FiWK-OD9FfyRRpjbnmVWFftaI_Z4X9mVxZq5e3DdS_ZxtFKxG1RMXzSE2KCAKDAvzqyvgR8cagUYJbabR1EVW8MVJByp9hR52qT1PrYlM17QUBy5aWzKsqdl1zyFcE56VfI4S-rJQWFOM4T3RMnDjUl7FdqUiTWx6SRQKhkRDyNwVQ5AkzHKQN13hSqkoGkTe2IQ-X6wNvz5MxMO6zR2ZdGCc0eoj_F3Qc16pJMlNiQpEIhW7de7PhNYzaNRSzzl1KgpFqzIyQ7AK6i5TjXbrNjM77UwCEJsbGA2M7hyQjLRhM4YLE5A1-RTODemkb88fE6EGwwTnRHbIYh4ddnU9d3gmhqhoKoICYYTUnrqXdOdJuhPZ8QxuL6XNsHPVUgJPoley_h0QZd2TeL9sOker9ZVexrntrRdfMZgnXaSkY4osAsn92PG5bhORYLtwle3oBdAp1lCUpF20FSKoGdf6DieFEQTcfGo-r_hhA7fBYN6zEMtKOGEcnwg1SVXkkFz9qiGo6q2usK1tWdmn_6vp1Tqosh6TQIgZ5uBQ7S0OkVJtEubKCuhjEB41fyHSYmKge5AEOfxxknaIjnj_F-VflYm6zo7UPnMqjzGQtaI7LCLYLJbt7Q06JPlkFwRQZ1mP9sHrAlsn9HyGzqsdNqApkoQPP_KAJ0197Zv-46eIznqdq2AJ2w5s0OaBCD6fXeeGRWX2pGIK-ti9lzqfSYQk1JROFnjt-SEMC6VR6JHouIaAk5zAboggyzDdFY9ss_URTvw8hn5PxnDg7j2chWkEm4xRBUOKIz_TJx_Rec4YMtp0DuEzMwSQ9KKbqAmFfbhUnc3mwBPhZkTvcJDArp0CAzo5yiRExntFQa_RJjY7f5ZrA8rlbofWz9QhNhciQfYwzpmpE1CDWbWzMMPMmbyV35Lz0nryalKXXQKw4SqgQRgks_vUdkUr8tfzgmYLwBW-5MZj2X9N3cwYirJSRD4FQsXXGOASY7KiQrONSm2UQ43CjhIZ3zTJjp9ycYrwYahbpJc3JgIca1Y53IlkbIkCUVzPwLnKKgfqQrv5bgLDYlITA8SdGWatW3o6xA3a2nkn7cHOTDikSe04VhUwx7w_pGvPUDGeVNPfesY0Gr5GbNqex2JGIhgM_pQwRUhs4gaeFCubWqWAvo_71epOj_mlha2pE0ELjOOd3fPUj0FE2Kjle8dp1wNxyaiahTGUl8flvIK_vVgySq6_KSTbX8lDbZZTTPkaMvQVIbXqZz3WF27o1Wju_FcDau_jOoOiwBDE6F3R4NRmbakm4w4drSF7ddb6ELtS7Nq7x9pz4TPAx5slTTDqPxGF4Kc2VRfvrzNGNZvtcY3GtqOUcLpboDRY41h8_BIlLc3lVnA7FkbLwxq14QksIybI9OK47xBWvxmzZydJELlHVCFO7v3fAkhqf_BsknGq9yytdY8SmWB701c5u-q2Bil0yCpU6OMe2FD17Bj_NeP2mGIkuxMAP2G4V7im0CXimHS0QIIv9JEbFNR1SoUhL1rlwnmA13Q4dc-x2W4WLf5Q_fbJTq16iAB6YiwTfJto4y50FnTfIFJhJ1j9gfx8l5mjNWfb60xuuZNRcXpLcgxq7TjWqVXBpwyJ19H6hbPH4FRTUHj1IWm-6sDDYYtcjIJfxjyuL3e1DmMWF8FjDb1KTtY-6bCqc2TI08djO3e4t-iY4acLwexIM-IBqQm30zDA80TK-h-bCnEGCyrFBSXHStjTrEOUBA8WZE1ioEF1R1CoPttdIL7q9bf55OtOeIF_TeV4prjdxgl2jpeu6CRaSPOz99saX2guGa2N27NEWQNOm9Atdd4js1SaXppvOG6dpYSZQ_-GZL-3myAfMSbCeqaR8fv3OUkbQRxffrzQaQIrua2esaPGATXTUEOQLEJsNDFd73I4JflP7nXN3ThtWCMz9FSxwd5Lfk67jlF8JeHlmrwokYHpVqfRjx3ojf-EbNiyuyFvMFdAX368M4l6BgRGAKWPxqWhyae7cc1GY0Du1ahXwpy2_bEACGn_uE9YOjz4CrQqig_mZUVG8tB8c5iYROaWoBDmTlaBQMc4gIxIyvmEQTzYMRgGLJXsVbKJ9FsO436cu7dbZEXHG42GTbDcE774ZMIYWap-GF0IZEsRhCbwkwO-nts-qFHv0w2Py6UNNIljX9AsZ1y4owZ1h-h_LajIvDSJFKXLwEi1VLz98IpZXpLrfZZsOYoaEtTDFMkIfoXvD97r2sg-G6KG_9jbG3MC1U1wQggZGX5OGDzTUyYfcSHJnA50S2Rik4BQnymifwwovnMwAwl1YTjBIJSsH9tM2QFAXBlVeSgOVRWL37UMYtEi_CXyRyuhygrsgjAl5I9eeK7scc9b2C6cv4K46RrZQ_QKDQh8nL72oJ7_rCyyaVusvDtkoQ8YgSNu-WVdKvOXssyHdVllXSKHUlNVUUhRavhKO_MtiT0eihVobn93YyCieOBxeYLK3v5aD8EEp-r6zDhWT_GEqaWTpy1yHWqguIhfKbdiMOh1STWhq1nLrer3Bfm555pWTogIggz_odi_cG2NCZIxguJ8ymc7kJ_xhd69zu-notrl9jAE9XMG-qtolNCwb9Y_qklhRpvcf-C9iV0CSVqLCFYTJVRwpxceVZa6wc_mkwpUyuVzqiok5-HUNQk0Q5LIiIK9ORZTgxEimUwt0U8MKCEjTaLu9h1fClvu4mH13OHnKv3ng2NZU-W1NXNlYAXRNMAOejDPjMG2JsjlOItPbfuxmzMPc1rcfgrg8b4zN335D4HWiS-9855bm2phAsqnBavCREblclC7k3jPCydXCALB47GbE95CH3NSXRLkgoz6Je84lOmAeXq5xFCT8Y7c5vpwrAYAehgpS-OrlE_oUFg5CB4FzX-7-qpTfVDwPb-avPk_u_Vsigk0VuULOkUFPAcUkV9U-MC9Fz5lrGn58S9a7QNx5Mp7fC_G58IL4kRrJ_FFhqRtrXB9RQQ1T2Th-nHjbCPIAwXzM9fmdMXfFWx_zSx2B-TEk0pHxvVLhkn9UIifCAyaFtWUU3UWO-vhRf7rA0J5Tanc57AsQ&cid=CAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fkrank.de%2F&ds=l&xdt=1&iif=1&cor=11330648608070371000&adk=1935140219&idt=231&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 20:42:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 20:42:27 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AE8 41 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 341925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzAwNTQzMzY2NTMyNAogIHNlcnZlcl9pcDogMTM5Nzk4MzkxCiAgcHJvY2Vzc19pZDogMjkzNjM3MzA5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MzI2NDY1...
ad.doubleclick.net/ddm/activity/ Frame 0AE8 0
500 B 70ms
70ms Image
image/png 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMzAwNTQzMzY2NTMyNAogIHNlcnZlcl9pcDogMTM5Nzk4MzkxCiAgcHJvY2Vzc19pZDogMjkzNjM3MzA5MQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA5MzI2NDY1CmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly9hY2VyLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA2MjU2NDg2ODc2MjI2NjM4NDkyCmRlYnVnX2tleTogMjk1ODg1NTE4ODI2ODc4NjY5NwppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMTkiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MzI2NDY1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjc5MDkzNjgyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MzA1MjQzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDI4NzIxMjk3CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjY4Nzc3Njk1CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2FjZXIuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vbGl6ZW5zaW8uZGUiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9lc2V0LmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x769a4da34e03e9f10000000000000000","13":"0x505bcd72d92fd3d90000000000000000","14":"0xdfaa47eb4b29b2160000000000000000","15":"0x7c7fffe261a669b0000000000000000"},"debug_key":"2958855188268786697","debug_reporting":true,"destination":"https://acer.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9326465"]},"priority":"0","source_event_id":"6256486876226638492"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0AE8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56797a8d28dc6d260778a8d84c1296f517ed4da1f354e761313b4dbb8f6a2db7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 5C1A 0
234 B 97ms
34ms Ping
image/gif 2a00:1450:4013:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lqclgqld&c=2202028893265&slotId=1101014446632.5&qqid=CPzRgM_9m4MDFdLFuwgdzs0Htg&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C324123032%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c05::5e Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C1A 0
20 B 67ms
67ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CE76W-MyBZfz1M9KL7_UPzpufsAuFhdHXdMWAsbOBEv_1kOPXAhABIOL99AVgleKQgqAHyAEFqQIAiAy9cFWyPqgDAcgDmwSqBJMCT9BGZAFakssE-S_iM5b8VoCiCcJ1tsIH0RgkEGNmI3c-hypf0X5RsykMT3PaFiheXrXwXeqbZqqUehU70igEhDdvOoq3Jmjlz9yvcdVViP0lkV9j-zZAUS2QIiZb8ddibvxBqx-piSTws017F93MpypPd-egIMNux74M1Mv5449x1gQIw0oOkLufigI21JIL9MXO6Y0dEWMNjk61rngy3zpPuc6d69hKYyr7jB44zTtdGCfsY_6BO6aDNfQR5f7IqBjRlXYaffHQjmvxwKOiInimTAyT133POpM8kcNKFO_cTq-f7CwCoAB6apzepGy1IfJ-rBPCJ95zLI4vcy6pmBDpsy7eH0yPLx-1zGbnlFwatwLABNiTm_vPBOAEA4gFycLp0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY_Z2Az_2bgwOACgHICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkRFsBOIp_IVyBPRpIPkA9ATANgTCogUBdgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1703005433766&ai=CE76W-MyBZfz1M9KL7_UPzpufsAuFhdHXdMWAsbOBEv_1kOPXAhABIOL99AVgleKQgqAHyAEFqQIAiAy9cFWyPqgDAcgDmwSqBJMCT9BGZAFakssE-S_iM5b8VoCiCcJ1tsIH0RgkEGNmI3c-hypf0X5RsykMT3PaFiheXrXwXeqbZqqUehU70igEhDdvOoq3Jmjlz9yvcdVViP0lkV9j-zZAUS2QIiZb8ddibvxBqx-piSTws017F93MpypPd-egIMNux74M1Mv5449x1gQIw0oOkLufigI21JIL9MXO6Y0dEWMNjk61rngy3zpPuc6d69hKYyr7jB44zTtdGCfsY_6BO6aDNfQR5f7IqBjRlXYaffHQjmvxwKOiInimTAyT133POpM8kcNKFO_cTq-f7CwCoAB6apzepGy1IfJ-rBPCJ95zLI4vcy6pmBDpsy7eH0yPLx-1zGbnlFwatwLABNiTm_vPBOAEA4gFycLp0k2QBgGgBnaAB5yxjrcEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY_Z2Az_2bgwOACgHICwHgCwGADAGiDBQqEgoQ5LSxAu61sQK1uLECrLqxAqoNAkRFsBOIp_IVyBPRpIPkA9ATANgTCogUBdgUAdAVAfgWAYAXAegXBQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5C1A 0
54 B 93ms
34ms Ping
image/gif 2a00:1450:4013:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lqclgqli&c=2202028893265&slotId=1101014446632.5&qqid=CPzRgM_9m4MDFdLFuwgdzs0Htg&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.qh&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c05::5e Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5C1A 31 KB
18 KB 125ms
60ms XHR
text/xml 74.125.133.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BrYbAN7Zq5S_u-oXQhzubwZxXFefLBM7iu2Wd2IL15den0TJKI87EvcJD4S5W9PGMJnbuv3dqES-yFPrHGo5eCTiQwqw&cry=1&dbm_d=AKAmf-AEDFNb2pYfl-iJbWNbBo560eFrPmoGPRjhNO1NJrMUVwT3jZvTRj_RDtYl-NETgBUzpICJcMe8sGAhDyT1N_DCklbQOOswHffFq601qpJ0q2dxvTSOgUapfTdM1BBZJ47LBCq2WqNIGhf3NFX-sNXznXKVw8SW_YExjrMa1J1is-X-neYZubBgH-YONc-zxCAP8Qip0SZphfJbv8JolnV72IdTmLUTgisON3W1yQw3WIT86jx76oTVzeJTF9DSm-bYCPOa5LhcaigLSxe06v3-337StRfB4AIlv8x9JhahY6E6r7SEzhc64BtcI7CUeo1xwzNhXfod6xf9_9Khpb_cQYeT541y0igLWhHOLbEYpTFlMpri87EwEPTK8xOgFdqRK7t9D325bsE1zsRLROqEPDIBx4e-Dy8Jsr9R6KwEXHcd1t_b7eXF1GprML85Kps7vWWcuiwXQ9FuKcEWNggMflmZdsbOQw28-APNxhKYFIi4zZsvtxWMskvsL8t8-3f7vapQBwiwMvgtVdRo_HRr_0qePZEP0seuXLoA8mfJCunIGn1KdkDnVgMFjIZsk440hKBYHA_eVO8F4LE0W-46VCOyMb8Sy4snYcScy6V52mH1nfh2IqYBK6s6a3WiLxEE2F7hB3z8MyKF1UNDQa794lG5PeD2aBELQaYcPA45vdhxlI4wUCL2LT3onu4fobRfyad0QoJZKoLhOBgkPqG_fKXu4AdsE0HCRu8xiSvonrqOR7B1nLb47UX-vRu2ktn9ZKXBnYy9EHcuYpTO0eG8m36qkiDGwWhCqzUTiq39GUELwR3yI9f83UPWBt3gSYARkPY0oRFBbHIMdmbRAVpA7lXupORtLKayuOLJxYigBjURpVllG9tV1ZqEY-MBP3yma7De7ZaueRjydkDfY6fyoaCHL0NsUbH9HTSxEQklWkwnT8OqAZDNo4sbhb44XL3FMHHwxgbZXpaYbbV8JvNOnnRqjTWQsELmahnuFVaJ9Eh2EPYG0NMKfGhMBFXLXdy1GuWxU8MGP3tunypXUTtDRr0fCpI-lF-eAN5tqIEmxNUR3mfxh0h_JZQmntb1C8fnwHebg-rmR1qL8G0_Ei0mUJcMQZYdSeTemSi2S7abZE2sePEagBv6QcrMRI6SUZlWxZsy3A7ak--8tVYwuPPMpZ_EfmCKU5td5fI8ECOnYGTufUY8Qky9bNNJAdo7dzDPWt7W0gfmoULxbA8ucropW-04zgyLfYBA1EJDq6J6HiRQ7BdTP4WuaDJObPlosndHfTy6GAjVSZl-l7xMPLrIkywrFXDdS02WwGeWhDh_AM27-fmJJlzuNmBQM56OGt3Zo8IQKaBFz4Er9SlBoEoIBizKxA4nsBUHjNwPV2TVsUOqslyKetbArlUNTzecL6amWfv66_3Ym9SgdnX0poE8qesVIRMGehPWbe0ovCCgUfHGZ42ovnTHRGZA4GvUOmjJKT8ukoGJmlU7N-yXBvRhToCf1wxzZDvDtSHRVYmH-8EP8ag43NHv_63hdaU_ni5wtvIlkMDjvEbcGSh6x4khGTn3ocRyqBBY4vYBWTLX7MH9g6VneC3OwZGusruIM9C23YTFm_p3ZM2uhIJD2ad0NAqS9WezWr-W95XHRgGHzAPWygth9efR93yoyRi3lJUZM_wKZwupLYch8HBFDP2ILb_QXRbUd-aVYiQFczm4rYn8vMTOpzHj6yT-NvEUkBoR4xKfW1jssUCqTkN4x2xyaz0Gm0jkDbe_P-SKppUI3xSr_5eJZSvDW3vJwHKPBJc44b1Bxd5jE1U8UL8ItIpdVbFQYWWKoM3ZFWE-Z9tU0GcD3Gw8FyUApqyYUI1jL8prBfPEytBur8RnlLhoMCLVv1utzZCrvqGpEolHkE3Vw0PwmG3Ru-sMgmY4IFAafMAy6zKWp5BCClY-0bvzAZC6vsLbetZYQcU6wJx7pMt1fMZJaCVpUUqxfeRW_YEXI8S108wy4NYGjhzEQN20_1Fn0x4iQgjJXOXgY6XukBX1gth91abnAeJ8eFE-m6dh0GHnb_A-Tc6ETHwdBtYMGEdd0XbZ_DWmLUBmGiB4qfB1BK_YWPXu94OwoUGHJ5nrhYA8EDPsRKGAaZV7Em8zeLB3OjAKQsiod0OubX2erULltk6XjQc7JH3z5E-c6ofomxZEIu7a3P-SsIA0Xa0hF7OSvavqLJx9uScHZyu3iOL3fvgYvOFCyUXFPiSwIHaQ-g-TmIpq3wIP9YpTHeGwziHOf4F4clTCvCLdJHvIWczUm2PSXq_mTQaztoSN5xsTySykieMfQVW74oOgI55MIFF6Bqn2NKJCDVRl83D1b3iBns76K0h7HaQTXcHLD6VD4s4LXNU5U4A-gQFxUb5Jy_dxjI11WpshtQf8wvKI_tqY1I7clLN22QMN1AqO-rshrgB1KkGDnFcOwgToH2B6PbIPF3ThgQhk9B7hgSWvCraCRIlS9fGfj9FvGj3K8Lzrl2fusdMt9Wln3WUfchRYvVblOoWewmRADEXqp6C5K3FuzJo-7IRhYN0MAcUxdUwYxr7zvhvc6lu1XxWgbNx9dsrOik3dSGO8dg9dVv2gLnQ6x7esYw_zNHY3Uu0LfOH_ryALD7sRo2y29iRkjtlBFl6p4cp81IWPLg4bL6fDg8glQv-dKS_ublAJx_3JDYH1NxYcrtYwfY-b8MyOZtX6N3vvofAiFF8lt4z4IOGUB1qV88alQ0snlDLg-FEgsVkjI2amyiBEqerhZKYhVoSRApN2ZaZhczZKU3gYgqVeTjxtnylI9r19yh11AUE4CAKQ3fwm2gijIJfBvkL0E3afkyoVbu5YjP8YFNXCpJl7nHN25yXN3gBrrWYCsgNVITNojZEHw6kgUORuCFVsY-l4OTtNGyZ3mEE6ltL0LyBj0OzRuk_16_HnlQ1FLT-DGdhF4JBnJuqYjSrd9RA-bZ-4UQWJxbNCwVC8FlH3AcFc9oPzOXRn_1m9lgiQd4s0s-7-B2jpvFcz0O2g5mJUX7GWeumSblJ626W2YgqPHAuwAZGvBSXfBg5o6EKyGzlatrnTmVjfAS__kU27OryYImt7U5A0ZskUDaHc4DJGFzxtlLjjlxtaKPYyXgj0pwHd2xeiC_9i_8I9xJOVfHI9GkRS4e2HmSXq_UhOFtutg5M3auxdjRt6XjXdwcEV-9WefiqMmTNWXhO6V4FZyqLivlXv5voTKs8zGkdJC7U6a0qQDUA83Mtb93EgHmIaka8-1swO8QnhjIoODsJCskijn_hTddX4Ss_WMwL_k2gD_ji6dWhvsBox7mPW8onnNoDvg2ei1fYIRqc64Xf4CSmboc7i3hSSDYUYV0WIyvJXC4cP7JMem-I6_Th4DykOhnFdMhCXDWp9Zog4QlHPWLkWCqutsMqa_-CfEWYfzVyM-1t-BTmTpiSBfCkAzB9XGSMURkb8hi2Y9-e0QU3PcvONTwoaT5s7FhLvvEkpJIrlfVPfveLqZVGtNfr6c_RNLHmdGhq0HjJ-HF-CCU1L1qY-y-Qy5urLaZ3uY_6WdQH3J_zb6GdUpwrA5HSfC4huwcu8Th0WhNLuNQnFtlHUtP-wnajMpVqEfDLD6wXW2BlZJPi71c0TYgJ4tV0KD5wbGUye1QerT2ztprUiFSG0sY5cLq0_y53gkKDDdOzjj4CsOtoGQQX-rAt9R0XUzEHrQNGHRBotzXdnX52tAdYrhD76oDisJ7SREuejyOF8EASbuTkhKTNJZKF1V-XlL1rwIJXG75nl35pJXiS4PkUvjOZl3rEbrnKR1H44LtFmCaPLg2PEjxbhC1An4h6K91QDMQtFZK3z_nIjnF41C5nwMpMD4kHE7h_oFaXII_mau7HHUVfvBNos1PjN8RUw-J08fK6OOrPpXkqswMt8yU4xUumEPn2l-LStILD3QRFg7eBZa9MhkzF275mqRLq3TAsPzmMwfgPYIQPUf2W6&cid=CAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f154.1e100.net

Software

cafe /

Resource Hash

14ec701dafa955b664bf1b9d5d3918498a8831c8de70fb265fe525fa268231d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17551
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r62eglto.js
ad4m.at/ Frame 0AE8 24 KB
9 KB 21ms
20ms Other
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Nov 2023 09:14:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 546544
etag: W/"aa3e81d21ff1f0e18f4862e53a794952"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F%2FQnqO20OWoFK0E1t76VbP1kf9URmHegHgbIyaemw7LyWodxrd57ow%2FE5BVfH0pNwNhcOQxis1qBwpwKChBAC2k3UiVFZG6HiEfmkfUspDkySt4UH4Vx3bnDz24olfKCuT80tI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 838138b9280665b6-FRA
alt-svc: h3=":443"; ma=86400
expires: Wed, 13 Dec 2023 09:14:49 GMT

GET
H2 200 cookie-frame.html Show response
ad4m.at/ Frame 566F 2 KB
1 KB 28ms
28ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/cookie-frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1820486
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=86400, stale-if-error=86400
cf-cache-status: HIT
cf-ray: 838138b9282b65b6-FRA
content-encoding: br
content-language: en
content-type: text/html
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Tue, 28 Nov 2023 16:19:58 GMT
last-modified: Tue, 28 Nov 2023 11:49:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BK5V%2BqlJb8bTek6f7v%2Fj7ITut3Sqj6FtMblvRQ2Js5USoOj5l7R7rFO3Rev7Vgciw6grteIqdPPDjA9EX8w9rrkD8SAjy80JC6JskUfdV2C1USIWYMtLl2z5H7t%2FT%2FLrgwzlt%2Fs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 7ABF 38 KB
13 KB 36ms
35ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 09:13:27 GMT
expires: Wed, 18 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 0AE8 2 KB
2 KB 34ms
34ms XHR
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b44947747e16c5ce4f198b661320eed400bdcd4b3c65ecd679abe7574ded43e5

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bqdzwhfNlLfA8cHsqKZqjqrW5bHfj9joRSZh6qEz5MBttMafKHTwehIRMhLyGhnZ6xnlcrl2UX38Hg91Sd5ZMiBXGURtMl%2BnEJuW0YsyESlKgDK0ms%2FCbsm2lMx%2FQi5L5leH104%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-allow-credentials: true
cf-ray: 838138b9e83a4d9e-FRA
x-backend-server: aa-reachservice-group-europe-west1-nct2
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 39ms
30ms Preflight
text/plain 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 838138b9bfea4d9e-FRA
content-length: 24
content-type: text/plain
date: Tue, 19 Dec 2023 17:03:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywwh%2Bhr0A9MY14lhh7Jp9mX8WGE3nwe0IX8yBg7IbmTMwzZTq0tbhUSk%2FVFTLX0pQX9iYll9%2FBgrx9y%2BeJx1ILQCxq%2BYxw72IEyNEHFe6q6F%2FQ29U1JlDEPrlM1dpdPXO%2BktyCY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-hjdq

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 7ABF 39 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 23CA 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGCO--cyBZabhHq299u8PkrqImAsAAAAAOAHgBAI&bg=!OzilOHfNAAY3kmNgF5I7ADQBe5WfOJ93dOotcoDYA2ybJT0Kny5gHjK_yC2f8YsrVk8lodWjwJO18nV6gXohWgfoGQvcAgAAAIFSAAAAAWgBBwoAKt09Pa_yXk3YFYnf3QhGS92S0tiUOcUZ-tjxP47MA_mFOIaTCVL9Y5NgIpkDM79CXzqcr3i6zq9BhnWBrHWkcA8jCCFkDJNKKAO6aI4vDCVX9bsH1ZBfP-3X5EQmVJZAgr4yTPbpDeDB0HF0vHpObL9LU-4gzOV2TBagZYXpYzj3Ff8TOYUr-HTv_eRceo3bEfD1vP739lQ_EDsMkJH99NhElt6Ah35MIjFfqDF2TSpCuqk4mohH1vJNvSzceZdsjiM8oovyEVDABzxBPNIXOuqYZfKCCctOoVVm93C2uf0v3uAkBWB9PcSCc4dNQQ3zs_gkYwVheQqxlsxvfeYmBqBZmx8CTGsARPsWucYT2MxRYUZILc2q3zfnyss8pOHstt3pKCUCEIdg7Ot_AWle8nET4DFL26JlCL22n5DaUJ4MxmMlYxfp04KcUGh4XJbFY7q_1G8hYcmoLuRQwaRrBjuW1TQaX5vCpOWcBHbEDtf77evg4YvNpYQD9Yt_XsuB1EyfA45tF2Xw1c4Kas577cN4VoVJuDI2iWtqiUiu2ZNpYPlc9oA5pQDnwISAkW5YTefTATlT0uO-hRKEQThLH2wTJjJOaux-VjWmxZGxz6FN4S6n-jZihK4c-VF94ecxBL-hdGH3sOp86bipvgcvfk9Aav4xODhErtWSyL98kPi0zyUPVpp2xrGRgFWyBQIeVH1Y8C2C8qJ6VtJkcaSmnI-2f-MwVUqdVDaLY9HIzME2YrEjiYRxJDmFzNgao2D9HrF-isT_WP5qBacXIaXptCEjOA5JzkbKes71djJRYxkPRjr8jiAUovxKg6H4ntufSylbyBLJ4-UhvER3O3l1KAzg_2Gtsfch4b8MkHr8zK7Re7wsugiWrXyEJadAYhFzw-hY9rMPYsafKUty9haRKewhB0QUXDqNMWEV14xrlk7JkthXxHWOXgnGIBrku5djpvc1yOstaha21zi3la66bZKV33y0TDyIbmEInlO_xyA_7EG7fN8kwtgaIGrBs3lOlZFzmGpBnfxSy_ocFZPT6h1TpEl761ia56IaQHalu1FDC4B8fsOjKc8-JHMoyKSCJ3MLFENknVGpAgtd22ZBOXyD9pp66hON7hF89-CjGlWJh_wZgQF3q0NB0SiA6Cv9qg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame F141 930 B
923 B 28ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7176323234405639%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkrank.de&random=1460736348042&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 19 Dec 2023 17:03:53 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 26 Dec 2023 17:03:53 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e5873881d3400993e1e7e Show response
pv.medialead.de/trck/epv/ Frame FB07 0
327 B 168ms
19ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7176323234405639%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkrank.de&random=1460736348042&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 19 Dec 2023 17:03:54 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 link.html Show response
track.webgains.com/ Frame CB52 2 KB
2 KB 134ms
71ms Script
text/html 18.132.158.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=39692800100716904444556012543014&nw=1
Requested by: Host: krank.de
URL: https://krank.de/produktcheck/vixan/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.158.37 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-158-37.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 5175a4d7297bb1c8997e65e92b28efe48bdc1018a24abd57c8acb506a0518fb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:54 GMT
last-modified: Tue, 19 Dec 2023 17:03:53 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 19 Dec 2023 17:04:53 GMT

GET
H2

200

activityi;dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245 Show response
5994599.fls.doubleclick.net/ Frame 3F2D
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245?

391 B
326 B

75ms
75ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245?

Requested by

Host: krank.de
URL: https://krank.de/produktcheck/vixan/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

7af18821617472a0b2215c925d3999c2c6be0cb8d39025b4f2202639da75e20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 217
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:54 GMT
expires: Tue, 19 Dec 2023 17:03:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900014.redintelligence.net/ Frame D029 7 KB
2 KB 37ms
15ms Document
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=eae71e7683&subid=&uid=a5bead0f32d3cd36&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChMqi-MyBZf71M9KL7_UPzpufsAum5b2gaZ2cnKfJD_AuEAEg4v30BWCV4pCCoAfIAQmpAgCIDL1wVbI-qAMByAObBKoEjwJP0GOD_rKDENoK51go69blR0NToT0yY20rjXfS8MFI3qVJXX6dVPCeMjYyjH_KAqq_zUoHyvWnexwNU_t-6MhJikBqEMOrCibnlIzMz7asIHvswU5tGmJShEKlv_rfTIJ0ETjjxdhjL1CW_HKxjCV2CLpUHcdRkryPdB9IuJTmqJtzq-s9vhtPCLN7c0gIx-ZGBN_N6jmJ6QhH3skuuiHc49_6mQfbx0MEE0MLDFEkjPYlVwVOS6LV1zMdfpRujrpT6W2bPQ6MBmJzMxs8tESCq1ssqPU1rRNIJ_RR2DtAyCSkZXYBuc3KF9eeeP_oyOw-uR1Wmb11veQ5kcrxur8DlWTE53Si5y-k1UyhfnQAwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%26sig%3DAOD64_0EN74tGcZuedovmjgHokNuvIEs_A%26client%3Dca-pub-7176323234405639%26dbm_c%3DAKAmf-Chu5NHS9zajdxQ_ETqDl1N-mYBvk80l64wpHmTHNuYz4gl8O_YY9sosGS7BgFpDC3uQHoo3HwdBMG4jf8qHNmqj9pbzEWC3vO1Vyk48tO1AYbER-_fadeK8u0oORgd76diOj3er6noVHI2hZGV4sAl56x66pwZQ9Q_GfnGCpc4FGSIw5g%26cry%3D1%26dbm_d%3DAKAmf-A1MuvhuH6hpQONKRil24qb43JGcJEW_0cmfzvLwQR3Am6SmJSmUw-zXfsEJa83JVr5JjekT_wHp1I7J6xkCx7qk6Orbi7mBB3YuGph_6Dx9oXghhgBU2wGfFFXD3OkqvwF1aRwFVnkIxwNM68fZ35QObLAybgy9Yk5fr9gVg1YabJAynTx8umaKU4TIAGpDHSIDLfI5Ahi24aqh1mkaPd19o5fjj4YlzzEXuH4Wkqf_nKN8uKVMS3yOwxbRwTk9h6xRNRfFUqJD74PRRTJQDLnDfSTGVipsNJvB5hBvFbDzOjRtyFISQoMUBkTd7_SFhm7BGT6HQu2_d0JHOyDYC05GvxjOhhZ4z6HOiG25wkjRghQdlEKSBoiutSfWzt__QIKqJuHlaPEO8ymym95LzzBQu3NUiIUk07_xn7JtkneHLCpIyh6gpswkeqJaXXJP00rqsT-7YgeuH3ObblXE9FLZ6vXobxINbgePuRrrVj4yS79mmC7ipcm5FQPd7neRAJAltRA9KizXAzQNj3cAnbGurDdyQmVBCEY51Va0mKVwtMsty4N04jB6tBZaAuMVVQ6wAFR%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-2-%26adk%3D1812271804%26client%3Dca-pub-7176323234405639%26fa%3D4%26ifi%3D11%26uci%3Da!b%26btvi%3D5&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fkrank.de&random=1460736348042&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: 6ac461a46dc723b32d3ea7a86ec702cd019d2f0d5a8f6ff682d95d8e278383ac

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2047
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Dec 2023 17:03:53 GMT
Expires: Tue, 19 Dec 2023 17:03:53 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2

200

e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame CB52
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent=
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent=

43 B
360 B

112ms
20ms

Image
image/gif

91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:54 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

Redirect headers

location: https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=39692800100716904444556012543014&t=htlp&gdpr=1&consent=1&gdpr_consent=
date: Tue, 19 Dec 2023 17:03:53 GMT
server: nginx
content-length: 138
content-type: text/html

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame CB52 43 B
703 B 96ms
74ms Image
image/gif 92.123.148.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=39692800100716904444556012543014&pv=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-148-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 19 Dec 2023 17:03:53 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 5C1A 0
54 B 36ms
34ms Ping
image/gif 2a00:1450:4013:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lqclgqlp&c=2202028893265&slotId=1101014446632.5&qqid=CPzRgM_9m4MDFdLFuwgdzs0Htg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4013:c05::5e Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:53 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5C1A 41 KB
15 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 19:31:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 336726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 19:31:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-5hne6n6l.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5C1A
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-5hne6n6l.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

85ms
14ms

Fetch
video/mp4

2a00:1450:400e:1a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5hne6n6l.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8415D68F2FAC14786ED96C4AA2E56164207A781C.411A4095C63BF23DB6CAA777F80339AE11D3B970/key/cms1/cms_redirect/yes/mh/7Y/mip/2a03:1b20:6:f011::1e/mm/42/mn/sn-5hne6n6l/ms/onc/mt/1703004978/mv/u/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:1a::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:54 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302583
Last-Modified: Thu, 07 Dec 2023 10:13:40 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 19 Dec 2023 17:03:54 GMT

Redirect headers

date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-5hne6n6l.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8415D68F2FAC14786ED96C4AA2E56164207A781C.411A4095C63BF23DB6CAA777F80339AE11D3B970/key/cms1/cms_redirect/yes/mh/7Y/mip/2a03:1b20:6:f011::1e/mm/42/mn/sn-5hne6n6l/ms/onc/mt/1703004978/mv/u/mvi/3/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame F141 175 KB
63 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b6e78fbf23f3b5acdb0417689397c8f2c49565422c94fbf585a12fd27d39cb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64115
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D029 5 KB
682 B 47ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 19 Dec 2023 17:03:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 15:22:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Dec 2023 17:03:53 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D029 25 KB
25 KB 36ms
14ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 13b6217bed5c9d4a92d3c08bf8a088b329fbcff65c013405ffb4d6133a446612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 25832
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D029 27 KB
27 KB 35ms
13ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2a4b31e3702b6aacfe4c4c0a665363d15d506cd440a7f3b9016c2eba1c1bb04f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 27707
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame D029 16 KB
17 KB 34ms
12ms Image
image/png 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 3170edff38c2485b3eef5da64b87f4a55e35300936fedc9269e9fcc85f0c1b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:53 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16832
Vary: Accept-Encoding
Content-Type: image/png

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame 40CD 3 KB
3 KB 62ms
43ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=164572&b=WKqarfbWr5a51GrSYH1tpHxt7eqSPTETr8C2&f=54xUXfP28eHG9RzSpHPtPHkCRXptETVT28t1&c=728&d=90&e=&g=78aa344fc5d6d03eae7e90c853f32abb%2F5451971727055566093&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1703005433896&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQ8OK-MyBZf_1M9KL7_UPzpufsAuw7MyzdI6ojczADPAuEAEg4v30BWCV4pCCoAegAdyokOUCyAEJqQIAiAy9cFWyPqgDAcgDmwSqBJQCT9B3-cGq3oIqKqHqw3UGw8pdZMqYoVo3qfCbCAg44hY6nseMvsizzan94Yi4qOieQpFpuEomdzindC-I8NiwSdnZNMNrtUtv5ERfQj-hG2PTy2JQmjr6YwN5YfS1dMy89whxLdm6n6vKFaKGWt4PKzkIB4qaQbgvtxUMcO4Fa_YrKqwAFnPG3ZhXvz-23tS--eaU2r7YMelp6BOzeVp8Y9qxTcYpwamRFKDzkRM1snQcaEDApPT9UGoWESMBivSQV2ulis9rMu69u_7iM34RcNrmX2Nb08dHSYZhpmzwR5pfBhNKyPmm4NhRVopLZIV6wDbVsOXTfkicZ2ghT5Ob4eFjX0aJJEZweQKP9-KD3SAfFF6GwATq_pn2pgLgBAOIBeL9pNgHkAYBoAZNgAeM1--aAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATo8D3FNATANgTCtgUAdAVAfgWAYAXAegXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%2526sig%253DAOD64_0xArGKeKVQsNhKAQSCMua3m934ew%2526client%253Dca-pub-7176323234405639%2526dbm_c%253DAKAmf-DHRc1nLq8CLJvDabKHfcq86gTNphH-jh_SUtoC2Or5nVdmRqsByAkCBnsd49HEFzlXYlRL6l553OpKvNiPar0kc9NbnDnc89LyRmf7plwEmUwl2O7-s1qpS7tkHpC4AkRVuI-g3ObG5CMPig9Nrqytfwasvj6U9CgYYY46KIR3RGX7xQM%2526cry%253D1%2526dbm_d%253DAKAmf-AciAz0mTrjMRtbN9MxWjbJdp0Yu_VPFJxjAEA3OOtKv49Vy04hGJSjYLwUQs_OyD9tc5PZFFgkn7TFiT13VaQfaAl1L7Qetg6pLMLs2qHwonuwobFhfTvW_J7PhKFm9fqi9VRsWoR_jQI1j-_QEExwadzTM4ZcVi6CrIXZA7Gj-4LgkQu6XJaflyXXBOsDteOqa8h5ekpn7DJfNNYgz-p7Eb38PBHSX8dgAAEvXxUcSpBABuaCweLpMbt5Vfiibi7ckgBdEG265aDLccS4-eKb3bSRKsYyrbYwXyH70OSazMkY0b0ZjGfC4Y6RbSuEUODh7Fpx9YZ9wTA_kfI8w-h-OpgonXox3G1zSLLmGmCX-9oWTqoKI0dfQ5wuTaOkC-bGqm3VG5G56iA5ZjSEKdJWaBP9GAIkqrr3f1osES3f5_qf5VrLse18BuAcFnEQCshcKG871i_k-fEC_vX7F-gnfCkhKyOgHr4dBvgsOSJsztwLF7MAb53Zbg6clq1HuCpxJDGeIWSHckfzyfdYVOk_WFtKu0gWmp_8znggk4UpFBDCOTCaZsCKCho85YbxtqO3hT1K%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b5587444fd8e5160f4c58a7b5a26596ba51724e702e31d5238b4a84532e9cb9

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 838138ba4ab265b6-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 17:03:53 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 3702 23 KB
8 KB 35ms
35ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37651
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Dec 2023 06:36:22 GMT
expires: Wed, 18 Dec 2024 06:36:22 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame D029 0
150 B 35ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=39692800100716904444556012543014&a=ea6d7bbf&vb=m
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:54 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7ABF 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BLajI-cyBZezNKPfO1PIP4_6V-AoAAAAAOAHgBAI&bg=!wcKlwo3NAAY3kmNgF5I7ADQBe5WfOPb-43_BkEs44RYap6W8hYACzeXeRCH2ptVAMCVAA00rHtIA41hrDa9HLV3ebJVwAgAAAD9SAAAAAWgBB5kDQTzr-TTE9yCt0FzL7YT5hfSwFyHpKgIGV9M6qHF1lS4d0GRidgSKHTkpyn7UUJ2AKLEOVuNoSM46_rEQS6ruqKbty6tSwnorYvzg-MJcZxsoNjz5eAuB3p3C91TXCsOZG3b1TvlnCCATGgKuzwcB4CTDXkhu92sG9gWxnZlBLQUqaOnwh7hA5rY_TJ0Rbi9xP0w2j52mUjXiPACNe5FqPhHxb_gXohbQXvs2ExzfVEHO2I1TzlUd31zPYDqIxR-H3oOqRNXRXRnkrrNpXc3J2OPvrIJ87EHU8RG9VUOcIKja7vCR9cX3jUjmDSlg2Dc94XxiJEUgfgG4C9hjLwboheNqqtMpu1lbLLd3lfNHvfVv4YFarFg2Cd3M3EMJIXiGzbUBtfXn9GSHlZLoo_s466JtVFc7_zgSntz7z-aQ4fKHITH7dzh8ea3fIs6JPJ266xnh6mzmdnU2wzXbVGv_HCMTK1L5jUfZaIKX1l4Wga2gg8Mmd6zmQEz9za18uEtjdlI6PZlEItG3YgZDaS6OsP1i01xMeIQJMNHmfBIKDpmkNqKixZerh8f--31MHxe9HrbgqMcghezi9uXnR4SkAmUrfMD2_VuihiBex5AGd_Eb1k6diYXHB_K0_APJvJdmbUmaPiOleZ1F4tKUCbD74jdwqPQzRRmLUPjvfOQ--ki9hqIx1pl4vjHGbItw72uJs1uzzoymdQrLLeafakwPjEAM6aW3i9A2qOAQPAMPL2CwG0umXwAh0pSn7cRhEILvwWoOrP91uEzsay6zxvGkz_yUVyvluXsxws8eM8JLetj4PhYq0g37VLEEBZ6cYBAXkzt3NfpvBdJBDKF4vqF0AL3P82Br_SvjTQ6ZDNQg6HGCAss8VBMEPXSVorEbmCc1pwwDsik7eNTW53HOgjx9THowvNtsWe6Am2fVlJoacA2V_hONcIcfFWdMcuSygyDiydLP6XFAR3PBUmsSaZqF2mmkuQ-rD3nSwhxtl0ExsN4x9Ft6MC3nK3qVHTBVMYithrJMo4Jnx6t3wWWP5POEaJDSRsbNSaImB6ABaffpDTTYowfndz-kK4DE08Q5CdjNgtalvSKNFL_jeub6GE9NDzNs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 3702 39 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 11:16:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 11:16:32 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.50/one-ad/ Frame 40CD 115 KB
14 KB 23ms
23ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.50/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=WKqarfbWr5a51GrSYH1tpHxt7eqSPTETr8C2&f=54xUXfP28eHG9RzSpHPtPHkCRXptETVT28t1&c=728&d=90&e=&g=78aa344fc5d6d03eae7e90c853f32abb%2F5451971727055566093&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1703005433896&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQ8OK-MyBZf_1M9KL7_UPzpufsAuw7MyzdI6ojczADPAuEAEg4v30BWCV4pCCoAegAdyokOUCyAEJqQIAiAy9cFWyPqgDAcgDmwSqBJQCT9B3-cGq3oIqKqHqw3UGw8pdZMqYoVo3qfCbCAg44hY6nseMvsizzan94Yi4qOieQpFpuEomdzindC-I8NiwSdnZNMNrtUtv5ERfQj-hG2PTy2JQmjr6YwN5YfS1dMy89whxLdm6n6vKFaKGWt4PKzkIB4qaQbgvtxUMcO4Fa_YrKqwAFnPG3ZhXvz-23tS--eaU2r7YMelp6BOzeVp8Y9qxTcYpwamRFKDzkRM1snQcaEDApPT9UGoWESMBivSQV2ulis9rMu69u_7iM34RcNrmX2Nb08dHSYZhpmzwR5pfBhNKyPmm4NhRVopLZIV6wDbVsOXTfkicZ2ghT5Ob4eFjX0aJJEZweQKP9-KD3SAfFF6GwATq_pn2pgLgBAOIBeL9pNgHkAYBoAZNgAeM1--aAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATo8D3FNATANgTCtgUAdAVAfgWAYAXAegXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%2526sig%253DAOD64_0xArGKeKVQsNhKAQSCMua3m934ew%2526client%253Dca-pub-7176323234405639%2526dbm_c%253DAKAmf-DHRc1nLq8CLJvDabKHfcq86gTNphH-jh_SUtoC2Or5nVdmRqsByAkCBnsd49HEFzlXYlRL6l553OpKvNiPar0kc9NbnDnc89LyRmf7plwEmUwl2O7-s1qpS7tkHpC4AkRVuI-g3ObG5CMPig9Nrqytfwasvj6U9CgYYY46KIR3RGX7xQM%2526cry%253D1%2526dbm_d%253DAKAmf-AciAz0mTrjMRtbN9MxWjbJdp0Yu_VPFJxjAEA3OOtKv49Vy04hGJSjYLwUQs_OyD9tc5PZFFgkn7TFiT13VaQfaAl1L7Qetg6pLMLs2qHwonuwobFhfTvW_J7PhKFm9fqi9VRsWoR_jQI1j-_QEExwadzTM4ZcVi6CrIXZA7Gj-4LgkQu6XJaflyXXBOsDteOqa8h5ekpn7DJfNNYgz-p7Eb38PBHSX8dgAAEvXxUcSpBABuaCweLpMbt5Vfiibi7ckgBdEG265aDLccS4-eKb3bSRKsYyrbYwXyH70OSazMkY0b0ZjGfC4Y6RbSuEUODh7Fpx9YZ9wTA_kfI8w-h-OpgonXox3G1zSLLmGmCX-9oWTqoKI0dfQ5wuTaOkC-bGqm3VG5G56iA5ZjSEKdJWaBP9GAIkqrr3f1osES3f5_qf5VrLse18BuAcFnEQCshcKG871i_k-fEC_vX7F-gnfCkhKyOgHr4dBvgsOSJsztwLF7MAb53Zbg6clq1HuCpxJDGeIWSHckfzyfdYVOk_WFtKu0gWmp_8znggk4UpFBDCOTCaZsCKCho85YbxtqO3hT1K%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=164572&b=WKqarfbWr5a51GrSYH1tpHxt7eqSPTETr8C2&f=54xUXfP28eHG9RzSpHPtPHkCRXptETVT28t1&c=728&d=90&e=&g=78aa344fc5d6d03eae7e90c853f32abb%2F5451971727055566093&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1703005433896&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQ8OK-MyBZf_1M9KL7_UPzpufsAuw7MyzdI6ojczADPAuEAEg4v30BWCV4pCCoAegAdyokOUCyAEJqQIAiAy9cFWyPqgDAcgDmwSqBJQCT9B3-cGq3oIqKqHqw3UGw8pdZMqYoVo3qfCbCAg44hY6nseMvsizzan94Yi4qOieQpFpuEomdzindC-I8NiwSdnZNMNrtUtv5ERfQj-hG2PTy2JQmjr6YwN5YfS1dMy89whxLdm6n6vKFaKGWt4PKzkIB4qaQbgvtxUMcO4Fa_YrKqwAFnPG3ZhXvz-23tS--eaU2r7YMelp6BOzeVp8Y9qxTcYpwamRFKDzkRM1snQcaEDApPT9UGoWESMBivSQV2ulis9rMu69u_7iM34RcNrmX2Nb08dHSYZhpmzwR5pfBhNKyPmm4NhRVopLZIV6wDbVsOXTfkicZ2ghT5Ob4eFjX0aJJEZweQKP9-KD3SAfFF6GwATq_pn2pgLgBAOIBeL9pNgHkAYBoAZNgAeM1--aAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATo8D3FNATANgTCtgUAdAVAfgWAYAXAegXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%2526sig%253DAOD64_0xArGKeKVQsNhKAQSCMua3m934ew%2526client%253Dca-pub-7176323234405639%2526dbm_c%253DAKAmf-DHRc1nLq8CLJvDabKHfcq86gTNphH-jh_SUtoC2Or5nVdmRqsByAkCBnsd49HEFzlXYlRL6l553OpKvNiPar0kc9NbnDnc89LyRmf7plwEmUwl2O7-s1qpS7tkHpC4AkRVuI-g3ObG5CMPig9Nrqytfwasvj6U9CgYYY46KIR3RGX7xQM%2526cry%253D1%2526dbm_d%253DAKAmf-AciAz0mTrjMRtbN9MxWjbJdp0Yu_VPFJxjAEA3OOtKv49Vy04hGJSjYLwUQs_OyD9tc5PZFFgkn7TFiT13VaQfaAl1L7Qetg6pLMLs2qHwonuwobFhfTvW_J7PhKFm9fqi9VRsWoR_jQI1j-_QEExwadzTM4ZcVi6CrIXZA7Gj-4LgkQu6XJaflyXXBOsDteOqa8h5ekpn7DJfNNYgz-p7Eb38PBHSX8dgAAEvXxUcSpBABuaCweLpMbt5Vfiibi7ckgBdEG265aDLccS4-eKb3bSRKsYyrbYwXyH70OSazMkY0b0ZjGfC4Y6RbSuEUODh7Fpx9YZ9wTA_kfI8w-h-OpgonXox3G1zSLLmGmCX-9oWTqoKI0dfQ5wuTaOkC-bGqm3VG5G56iA5ZjSEKdJWaBP9GAIkqrr3f1osES3f5_qf5VrLse18BuAcFnEQCshcKG871i_k-fEC_vX7F-gnfCkhKyOgHr4dBvgsOSJsztwLF7MAb53Zbg6clq1HuCpxJDGeIWSHckfzyfdYVOk_WFtKu0gWmp_8znggk4UpFBDCOTCaZsCKCho85YbxtqO3hT1K%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1074158
cf-polished: origSize=118430
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 02 Nov 2023 10:26:17 GMT
server: cloudflare
etag: W/"486507ccce9ac587d11c0ef3f32a109a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37k7ZGEC3jCRn09Xr9SVuJhL%2FoUFQ%2Frc01EA%2Fn3ubAJRzulLX4%2FklRL8AeTr7h9bo4kRBVtMzmI%2BgJTfKROKQzNG%2BZ5HnYVJJt6DeJP2vlQcDctIzJRpGpFrlbcRIPtjMCmfbLbDfH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=86400
cf-ray: 838138ba8bccbbd7-FRA
expires: Wed, 20 Dec 2023 17:03:54 GMT

GET
H2 200 38DA74C26C67CAA08358FCB0733752D5C03C635710EE37F26A5DDC17BC9C61308ECBE8E1198167D06745FEF08FC440A85101E78A531013264DC63396BE64EEEE
assets.ad4m.at/ Frame 40CD 16 KB
17 KB 46ms
27ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/38DA74C26C67CAA08358FCB0733752D5C03C635710EE37F26A5DDC17BC9C61308ECBE8E1198167D06745FEF08FC440A85101E78A531013264DC63396BE64EEEE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=164572&b=WKqarfbWr5a51GrSYH1tpHxt7eqSPTETr8C2&f=54xUXfP28eHG9RzSpHPtPHkCRXptETVT28t1&c=728&d=90&e=&g=78aa344fc5d6d03eae7e90c853f32abb%2F5451971727055566093&i=27903&j=22&k=0&l=0&m=0&n=&p=&q=&o=dbmPros&r=1703005433896&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCQ8OK-MyBZf_1M9KL7_UPzpufsAuw7MyzdI6ojczADPAuEAEg4v30BWCV4pCCoAegAdyokOUCyAEJqQIAiAy9cFWyPqgDAcgDmwSqBJQCT9B3-cGq3oIqKqHqw3UGw8pdZMqYoVo3qfCbCAg44hY6nseMvsizzan94Yi4qOieQpFpuEomdzindC-I8NiwSdnZNMNrtUtv5ERfQj-hG2PTy2JQmjr6YwN5YfS1dMy89whxLdm6n6vKFaKGWt4PKzkIB4qaQbgvtxUMcO4Fa_YrKqwAFnPG3ZhXvz-23tS--eaU2r7YMelp6BOzeVp8Y9qxTcYpwamRFKDzkRM1snQcaEDApPT9UGoWESMBivSQV2ulis9rMu69u_7iM34RcNrmX2Nb08dHSYZhpmzwR5pfBhNKyPmm4NhRVopLZIV6wDbVsOXTfkicZ2ghT5Ob4eFjX0aJJEZweQKP9-KD3SAfFF6GwATq_pn2pgLgBAOIBeL9pNgHkAYBoAZNgAeM1--aAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WP2dgM_9m4MDgAoBmAsByAsBgAwBogwUKhIKEOS0sQLutbECtbixAqy6sQKqDQJERbATo8D3FNATANgTCtgUAdAVAfgWAYAXAegXAQ%2526ae%253D1%2526num%253D1%2526cid%253DCAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ%2526sig%253DAOD64_0xArGKeKVQsNhKAQSCMua3m934ew%2526client%253Dca-pub-7176323234405639%2526dbm_c%253DAKAmf-DHRc1nLq8CLJvDabKHfcq86gTNphH-jh_SUtoC2Or5nVdmRqsByAkCBnsd49HEFzlXYlRL6l553OpKvNiPar0kc9NbnDnc89LyRmf7plwEmUwl2O7-s1qpS7tkHpC4AkRVuI-g3ObG5CMPig9Nrqytfwasvj6U9CgYYY46KIR3RGX7xQM%2526cry%253D1%2526dbm_d%253DAKAmf-AciAz0mTrjMRtbN9MxWjbJdp0Yu_VPFJxjAEA3OOtKv49Vy04hGJSjYLwUQs_OyD9tc5PZFFgkn7TFiT13VaQfaAl1L7Qetg6pLMLs2qHwonuwobFhfTvW_J7PhKFm9fqi9VRsWoR_jQI1j-_QEExwadzTM4ZcVi6CrIXZA7Gj-4LgkQu6XJaflyXXBOsDteOqa8h5ekpn7DJfNNYgz-p7Eb38PBHSX8dgAAEvXxUcSpBABuaCweLpMbt5Vfiibi7ckgBdEG265aDLccS4-eKb3bSRKsYyrbYwXyH70OSazMkY0b0ZjGfC4Y6RbSuEUODh7Fpx9YZ9wTA_kfI8w-h-OpgonXox3G1zSLLmGmCX-9oWTqoKI0dfQ5wuTaOkC-bGqm3VG5G56iA5ZjSEKdJWaBP9GAIkqrr3f1osES3f5_qf5VrLse18BuAcFnEQCshcKG871i_k-fEC_vX7F-gnfCkhKyOgHr4dBvgsOSJsztwLF7MAb53Zbg6clq1HuCpxJDGeIWSHckfzyfdYVOk_WFtKu0gWmp_8znggk4UpFBDCOTCaZsCKCho85YbxtqO3hT1K%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed457c43bf5e002f0429c5f71befe741150044c568e5a58143f30bb7b67dd968

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 545754
cf-polished: qual=85, origFmt=jpeg, origSize=96090
alt-svc: h3=":443"; ma=86400
content-length: 16590
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Dec 2023 18:41:57 GMT
server: cloudflare
etag: "3e9e67600eb7218239a197cab6bff801"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjcitZN3fzDanJazyZBczLzXypjFlRqskZ6yoyaF5d0zsNUBYkmaDSqi5xTHV6N5h49gmZ1hSe8Ya5i4mt3OyPQ5nEdYdwBiDd2zM8%2BHROO0TKetwSCDX%2FEt6H0A5uXaE2oGyxM%2BWNVNzvCI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=315360000, immutable
accept-ranges: bytes
cf-ray: 838138baab4165b6-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame F141 274 KB
91 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f9175c9138f729ebc3a28f109226dce66bae4593d558ccc56a4ef8cc0e755ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:03:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93073
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 17:03:54 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame CB52 53 KB
19 KB 77ms
17ms Script
application/javascript 52.222.139.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=39692800100716904444556012543014&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-14.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 02:11:35 GMT
content-encoding: gzip
via: 1.1 631cbe67f42dc4b925732ef1044517ca.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 54302
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 9kLYk1844XTYcRGqhcSlkHgjhBmRZJvV74RGu2PymH62N21qyWNAOQ==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame CB52 85 B
420 B 59ms
14ms Image
image/gif 18.239.50.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1703005734&Signature=bRwZhf0yhKz9XTqp86xfAktH3aNvG92Qs6kO4qrtF4JdsS5QM3ZWEk~7NIf5Ewe6k3ltF7PZwk35KcrgvXiNxRMjkRYSuB-DGp8kc7xiEcelnO0hkdkz3QLl-jgKcSK4YD97Z1UprxcHhG8B76uhd~NYKSCLAuBtpYxTcD-F6LhTmzWgz4wB8ttIZ6NlxO5iRjHf6Ak-Rlg75q2b6Xc276KjpY5znOBwx1Mh1AVRx31pcZWM~1QW1AZyNAVzXYcQHXH-MZithyuD5LkrkEgdcmUFd5VAOmdPJIljx1SvEiLLbvEY6t0HatIdncWgKtw8E8CKhkRyQZXC5RPKZBJZtg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-87.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 22:01:08 GMT
x-amz-version-id: null
via: 1.1 0f5a5feace742eb20ef71e34731fb1fa.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 68566
etag: "70af33d70b6810475aae19743c8c435b"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: nGJcJoGlmy779WmEmBqL3hqXj0SwZmfLLyA2XE__lVgD3Tqh69v6LA==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3702 0
20 B 69ms
69ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BcRJg-cyBZdy0NNKI1wazjJq4AQAAAAA4AeAEAg&bg=!SkmlSQbNAAY3kmNgF5I7ADQBe5WfOOHUtNEFy8XIZHmZVC86hiY56PWLTCQS0h2ZauxjIEqG-AVU073CKthzx3NKGohQAgAAAC5SAAAAAmgBBwoAF_GtcjBLBn3RAituVzCgUUxiKMDkGgj6mQNIrBNXkMebpr84I7NaF_LokzPdT1_n6jwGo0G487u6W8f-sMLMZwC4D4lWbgkEMv40zcodYWAQnWHtWU-ElbTOZRvhKXQ3krL1cD1mkqDYqmYZE0nPUdi1HgLiR08quvURvqhr5Z_lOaDS8jE8ZKDnLrqEAmb7FD4duyCiSZ5uL1bgzd8azSVfp2j3Bas5Ob9ugCxXT508C7ElFi7A0jlqP2DyhNFfnZJtekW8890Mugzv2O4w9u9MjRO2X5bQwmDpEwAK5vKMv4N008Yb5llihWItZ0Lkt6s2FiG8KJMRNLJ_JhQCQvpeuTWNE1FRmTFNgcInZ9M7lX5ruDbkYXMUiuR6tsg7_5S2cO-NEqHkJ7IggANIciLuZ9tnJVHrwv1KvjIMIHbWOpmx9yyV3OQuTglOH_CXLUwemd7N5BAvYsZ5wejs6gGrOvdvRbutzF2CF1rkcLMNjxilS2T4nI-r2RP697d73Zy7ouOuf85jQ-i758bl3Xyn9wckkDX3wGkVQMEli2U0o1unh4Awfxgy1zu0joNbX-xBFnRyfLM1pwW0QGZMrIEdt--mJaC9KDTzAeFgOy1VEd6JNhW_WztAYfq1pJbwCzlqVi1BS0XOe5nZilk-V6cF2_K_qd34ZX6gB6vvT468qXmNMYbIaSLdaWohykjX6c8-mBo4VuQhZBm-8IaORC0GX76KZTl7YxBEidKUiqBzaz6vOG5rO7vcIBKXE8Sz6BMjYHcPyB_r_74e1DmsC1Y47uEEF0wQTs8UE3rI_b4nA2q8uZlqBYCEt8M4YacccbjkCmfKcWxfWBPqUTu1AlEwOZWw_NC-ScN_YqydqIUU6fD8vy5Oe1pFMazD9KXhcj4SCBf9AjZzqTFHzEKH_dlnMzHtJi7EZY2cJFhA26d24L3n471hj2Q2bFx2HfEyv94VQFGwD5rIcgk8f9T_5ZW0BoXGbyHdLUxnhl1YDwru94UK6yFpMaItwpaMYqXfJ8Dp6Fa5HotosZDIhEiE1S3jPpsMBFG-oe3122gFhUC2-M4awQwACJ-1eG9M1A8AA7y5UNhUkDfIocEXrEANPdZLhSc1wHOwa-FCrLWYzsVmuVomuBF_TpI5JzgBzUakX1s0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245
adservice.google.com/ddm/fls/z/ Frame 3F2D 42 B
401 B 150ms
71ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKmexs_9m4MDFcjLOwId3zED1g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=8059911493316.245?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-5hne6n6l.c.2mdn.net/videoplayback/id/e18ab1460f931e82/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1734541433/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5C1A 457 KB
0 30ms
14ms Media
video/mp4 2a00:1450:400e:1a::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1a::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 19 Dec 2023 17:03:54 GMT
date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4302582/4302583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4302583
last-modified: Thu, 07 Dec 2023 10:13:40 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
71ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=4179629922089674&bg=!3t2l3ZLNAAY3kmNgF5I7ADQBe5WfOGV7rDIdAGs3cBaJQLld51gTSXynBG03Z4Vn-puF4w8jqj4sfM8e5SNpYn0Qiq9OAgAAAGhSAAAAAWgBB5kC1GW24DHffNZrfrpR0OIvjff8QGH7pt1DSseOtIYlBm4_tyGpoBcAn6oIhOcqleEwLK5-zxxAVR68fFhmH23bkWWHcD0hTndnYMZu-17gEMAWHlEVefpsUOhFIL6D02Ol-rSa4BfFl1bIqQ499UgDJpag9rt6v7PCfSACEWl3PcNKVb7Sx-6TlBerk2pXofun4565A9EEQqoKGJ4UckHo65XQxSkg0CGEyUMCT4WCdjOxsQEz6w4xAfQj9qfYVB7xrlIYT41ylK8VsKfnymTfyg3kySOaS61MLAH2jovvi20eoQWt-Bl8OY2ZvVVbcPbN7SZCW-zikhKc3X5exjHHOtkjPGzFjZTb8ZSJLSpocebzY1wFZsPuwFd2fg7YQGBaeBPVDrR27_aRXxUvofjpsaSolHN7Y5UgTbq4rQuFQKPPSanxuBylZW-pftDMKMpLWMoEByyfnMJBUD0BMmZzCuy8zpj0HmOYP41As_KeA0aoqzmRiuwSh7qBbLLLZmWnfYTkTGq8olJ7nXpcsamigLBFDtJnOrq-YNmE-mxW4FVFd0r7QaRlob1h5wFcwTvY1iaXryLvtiAz_mhjfcxm6TFmIXIEqUZAYAMW9xLM5IrENO91LhKtQfARMw9EaT039wC_GyyN-TYdIUh12Svpa7gFBZLOQPeqDTnc-UT8oahVBy-LCn8F9UztVvqtwXXy1XUfgK7Jiyvvza6q0Cr5tLb4enghUDEdUROs3dZUvYlc58q4Ixj4glj36Lx3CTs9IgJ8knvqneqgMVHbjRH8Wmt41PCsqQr3gvaYcWQc40NPWGI0w1Xz8tOpF3FARbX0KlAQL1S-1HUmP46X_2nGxYWzTAaj2orRqhoIfF9_lW02YXOUTgb5NBUBIep56_CgYafpEh9M8KulfvbRUX3QplVMPEG24AALz9hOlntplwik7-oQX8fi8tKM_8jFFyRTEtdwp58
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://krank.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame CB52 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75566db55bca80de851ce94c7e86ac5ccc137e27695ce151b72441a55ae2d2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D029 14 KB
15 KB 123ms
45ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 17:12:00 GMT
x-content-type-options: nosniff
age: 85914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 17 Dec 2024 17:12:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame D029 15 KB
15 KB 114ms
36ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900014.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 08:54:05 GMT
x-content-type-options: nosniff
age: 29389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 08:54:05 GMT

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame CB52 16 B
209 B 77ms
76ms Fetch
application/json 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-9-60-26.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 75ms
19ms Preflight 3.9.60.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.60.26 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-60-26.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 19 Dec 2023 17:03:54 GMT
server: nginx

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0AE8 42 B
64 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGpjlu5-Cnc3GaSh9QSWd8BVY_jM9gV2U_7s-3HJukJeLt4mdH-l0Sy_fWdLyhueHrPwrbJJHBs__xflqo8mrDA18lP1ffc44TM_7HC7MCcV-MGQ9SoumptOC0ySfHkonCf9FeBuhka0xVbx4itVuyf6lw&sai=AMfl-YQIoZMtwfvncUofWPuUa4fDyTTlkMU87maw9lDfZPHvaPeBctLCjGDQdDsLu3g1_TxpfRgdMYIxGd8lWg0Iss_r0MvYhDf138kvfsdvI9XjPG0tPonYQeOfm7yTsxVqI1DTuXxyRsmTDwjpEQt70w&sig=Cg0ArKJSzJk7iXUb43E_EAE&cid=CAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=481,979,1000,1000,1000&tos=481,498,21,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703005433382&rpt=372&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE8 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8677001633348&version=m202309260101&ct=77&x=1&cor=11330648608070371000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5C1A 0
17 B 34ms
34ms Ping
image/gif 2a00:1450:4013:c05::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lqclgqpe&c=2202028893265&slotId=1101014446632.5&qqid=CPzRgM_9m4MDFdLFuwgdzs0Htg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2093&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.ua~vil.12s&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4013:c05::5e Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CB52 0
20 B 71ms
71ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8161985025884&version=m202309260101&ct=77&x=1&cor=1064581815932469800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CB52 42 B
64 B 76ms
70ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvL0ZaRqNB8ZAqPsYMpAd5EGSsDUUzN4HMUHotj2y05k4BZjBI0lZQKzNyqe2xdvMHXgYzo0f6bKLiai33fz4Q73tiPVxNLs5n6RfSK0_Njz_zpDtT2J__KwyN7ktQx_04UygH9pUa3shA&sai=AMfl-YSGNb10TAzh9QI_ICPXD69prsRnhZQMwubJla5u2B5932z1sIgv033vvMPJ2taQioFAoOL1SCUirWOfTZZyblQOttDi6v3K3jV0J4zlFKDs360ZWQ35Y6ga8FC4w8fLjsH7FAfINRZC1I3LtdLD8A&sig=Cg0ArKJSzPAp88H47yqSEAE&cid=CAQSTwAvHhf_iPpGnkOWXQtg7VK4PfQW-LmmizbDEx0ExKjsAVzyadwcixtmc6yUehaeYdAXKmmlnCjOQyDimzPhW3l2e4OuUDU-xTIcHOpJp-4YAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703005433371&rpt=522&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 17:03:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal900014.redintelligence.net/ Frame D029 0
150 B 34ms
12ms Script
text/html 176.9.26.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900014.redintelligence.net/viewability?s=39692800100716904444556012543014&a=ea6d7bbf&vb=v
Requested by: Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 176.9.26.250 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.26.9.176.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900014.redintelligence.net/request_content.php?s=39692800100716904444556012543014&a=1b30917d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 17:03:55 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ad4m.at/cookie-frame.html	1970-01-20 17:46:37	Name: userId Value: 5QCsFC7wKoeQzJpWgB3V1CY39krM5K-_
krank.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: s9fqjrinhj49uskei8m8seo8rt
.krank.de/	1970-01-20 17:04:51	Name: _gid Value: GA1.2.552735074.1703005432
.krank.de/	1970-01-20 17:03:25	Name: _gat Value: 1
.krank.de/	1970-01-21 02:39:25	Name: _ga_QVNJPTS5GE Value: GS1.1.1703005432.1.0.1703005432.0.0.0
.krank.de/	1970-01-21 02:39:25	Name: _ga Value: GA1.1.1510633034.1703005432
.krank.de/	1970-01-21 02:39:25	Name: _ga_N88Q73T6W9 Value: GS1.2.1703005432.1.0.1703005432.0.0.0
.adnxs.com/	1970-01-20 19:13:01	Name: uuid2 Value: 4628910470360905755
.casalemedia.com/	1970-01-20 19:13:01	Name: CMPS Value: 2203
.casalemedia.com/	1970-01-21 01:49:01	Name: CMID Value: ZYHM.fTHH-gAfhwBrZx5cAAA
.casalemedia.com/	1970-01-20 19:13:01	Name: CMPRO Value: 2203
.doubleclick.net/	1970-01-20 21:22:37	Name: APC Value: AfxxVi6Vxx22HD8jtS2tEjDthOAoxsqwKMpKifm9Tv3LQBldiDvpKg
.krank.de/	1970-01-21 02:25:01	Name: __gads Value: ID=280d198f35ef14ab:T=1703005433:RT=1703005433:S=ALNI_MZkZmmDfd0IpYA5gsHEYaQonRfc3Q
.krank.de/	1970-01-21 02:25:01	Name: __gpi Value: UID=00000d21bb029fba:T=1703005433:RT=1703005433:S=ALNI_MaVuM8Nv7UaMLTXiYV1bYztsc-SDA
.doubleclick.net/	1970-01-21 02:25:01	Name: IDE Value: AHWqTUkG_wmCC2XWugTTzFYSh6VSqxmIkhct8gCTwpqZZoB9mq7uYXLs93awolG6F3c
.adnxs.com/	1970-01-20 19:13:01	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlfJ8MIN!@wnfH8K6pQK`!5=E<L5?%M12PszCb]#lx5>WR_9J^4jf[Wu`A8e<hu/0^!%nugO%v4VB%nox*5IrQ
.doubleclick.net/	1970-01-20 17:46:37	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 19:13:01	Name: 8lcfmzhxc8d6_uid Value: 06ce6a5f9626016a
.awin1.com/	1970-01-20 17:13:30	Name: awpv11601 Value: 113440\|1703005433\|96ea70d0-9e90-11ee-b1a8-22396ad6a5ca
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 02:39:25	Name: source Value: {"webgains_webgains":{"timestamp":1703005434016,"clickCookie":false}}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
ad4m.at
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
bid.g.doubleclick.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
connect.facebook.net
cse.google.com
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900014.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
krank.de
login.app.dd58261f4c2eb9476784nalytics.vixan.de
medialead.de
pagead2.googlesyndication.com
platform.twitter.com
pv.medialead.de
r3---sn-5hne6n6l.c.2mdn.net
region1.google-analytics.com
static.addtoany.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.244.42.136
138.201.63.116
142.250.181.226
142.250.181.230
172.64.151.101
176.9.26.250
18.132.158.37
18.239.50.87
2001:4860:4802:32::36
216.58.206.38
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::ac43:2794
2606:4700:20::681a:bd1
2a00:1450:4001:803::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9c
2a00:1450:400e:1a::8
2a00:1450:4013:c05::5e
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a0b:4d07:102::1
3.9.60.26
35.204.103.237
37.252.172.123
52.222.139.14
62.116.173.69
74.125.133.154
91.121.248.44
92.123.148.9
94.23.99.218
042a9121e1c7bcdc3bfc48ed5e23b8dd1f64f375ef5872a5984e5d5096444702
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0ac3338ea07141915c27dc3c376ececa51364fda6191be42b721740a014ac7b2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
0db16c25165bfd35ea9114187f3e97d7084a33135cb56fe276f6cdd2ab675647
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13b6217bed5c9d4a92d3c08bf8a088b329fbcff65c013405ffb4d6133a446612
14ec701dafa955b664bf1b9d5d3918498a8831c8de70fb265fe525fa268231d0
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
1fe6d9c86fdd5027d5612a2caa2648289b934cc7b8a324f32514c04eaf815644
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2a4b31e3702b6aacfe4c4c0a665363d15d506cd440a7f3b9016c2eba1c1bb04f
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bc5b6d2e8459d438a3ba116d12e11c71fa1c2deac8191dce05d5a40d125529f
2c058b31694d10c9b109f3bd8a1426e1b6d80da1e073248a5cee31faf8d1503b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3170edff38c2485b3eef5da64b87f4a55e35300936fedc9269e9fcc85f0c1b49
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
390bb80c8ec894a3669df1522e5f88b9f1c2a7dc7b2a6aa39ea8a6401b1aea80
39e7b02b640ded5a95d93431b38dd4c2a920b5a454aa6d681f6896e48e8c6218
3c9e7e961c8ae48bc5c643637c1ca200f7b3752fb57419eec5cb51c78564aab3
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cff9fb65fc83264255d86501f3999d43eb7e1ba9eebea778bb7420338711953
501efd26e0adb1b58e4e630bed3978be00907c298ebb68c6b3c12ba0ca435a0c
5175a4d7297bb1c8997e65e92b28efe48bdc1018a24abd57c8acb506a0518fb8
534ce8ca70861a23af8878f09f33e73005552e4886241e2f691ec08e9cf295a0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5582bbf1c3b406ffdbd9e1d13670811b5ead487a3ca596426772bd33103822ed
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
56797a8d28dc6d260778a8d84c1296f517ed4da1f354e761313b4dbb8f6a2db7
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5afae4fdead31c173a0ae121f7cb84909b3f7729fd7235930f22758f297910f2
5f5a0db09b2c7d59fce00d749f6b857d80edafcca6897c038c5b77fb942f1393
5f9175c9138f729ebc3a28f109226dce66bae4593d558ccc56a4ef8cc0e755ba
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
656a1eb296fbc789f057ee05bcffe0847e786f202cf53c5489db647b27693e97
6ac461a46dc723b32d3ea7a86ec702cd019d2f0d5a8f6ff682d95d8e278383ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705ddd320c7afe5895ed0bb7438874918110baaaec1ad4b7da72bd13de82f96d
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
732b57831fe378649456c0b82a607c55298567e12653ca2d63471ea748948d1d
74ec1e2bfcf647ccdeaf5b127294db846ee4a6f8ffd6c909d4938370d4187d1f
75566db55bca80de851ce94c7e86ac5ccc137e27695ce151b72441a55ae2d2eb
77fd2e01fe7322b437084ad512b3c3df777ce7d092b975eb8b29ecb4fb612187
7af18821617472a0b2215c925d3999c2c6be0cb8d39025b4f2202639da75e20e
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
85dc665d9f7d524c1d33a9fa6fe24b1492d9303b7c0d9fdfcdabd5b5845dc6a1
8b5587444fd8e5160f4c58a7b5a26596ba51724e702e31d5238b4a84532e9cb9
8bddaaa274cff5d99af7c41fc35887a3d4a095358ad6acc0bf4070916bd3c964
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9858aba970f31a0ffac37a23df86b15aac549d4ad87adc33a3d11becc8325e67
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9c67bd9283586303267078c965ea74d4f400c0f931b2a39f938eebcacd3bcbfb
9d7652564782396fa6413b79a9254c604a39e048ce295a039c7d3d9fa9c6bc00
9ee1397f4da0e0c981a979bc1ea43be1d0c28bf3619636df8ab9dc09fa770aaf
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a02263cf75c29f80fdb1b381769cd5ba8d13287b4c370eacb3bbd6df56a92912
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
a83788811cd52eb54fe35da0ba0c1c034c692f1e745d08e31edc75448ed727b1
ab86f686b2e5133d5a05b7a94d1294ad711858e6aef9a931118ab1d8f1e2600d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adf617fd002c6a4d5e9961270bcb6b3933aff9b9212d3ae268da98d305b0032e
adf975f34a79e3892a2458d9815080b136b4a2bbeb97588918d05e2e360bec3a
af7e9bc6cdfb6091a82d22dbdf6405ba0b72d0f26774cdfa89e0dcdccaaeac4c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b199ed28ba39e8d3bdc0d2860b8f710808796f2c7272406178010428f509d397
b44947747e16c5ce4f198b661320eed400bdcd4b3c65ecd679abe7574ded43e5
b449768353265b429cd5cc5e3b273f9d8d905a5eea68fa304b6a80006fc706e3
b6e78fbf23f3b5acdb0417689397c8f2c49565422c94fbf585a12fd27d39cb92
b738bf74f1670331a09929a243b3e23ad16534d34ae62781d34467fd05545ba4
c257dd41ead6c70f0b5f1e3fd49b988f91a878578d6cb6746aeea2b41c8bb8cb
c7c56cd7ca8a63577040a1b8ca4dc8936a7068f5431cbeea37e61ff7de681ce8
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
d599fffe804273a7badc94f53d809094b40a9de15040a9a7af2e0648638a3996
d73a2da9645c4a8b90bc9e0b7540e05ee374ea8d0db34369fa79f5593b19df77
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1dc5baf8a68252c111ebb2597263b7f0f94a4bedc1bb9eb6a96fe7594fb034d
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dfa36ef318ce3f9a9bd1ffcdf9fe06b47a145ff325219daad731d8514aee00
e688c863b85a28f75e5c1c7f21092f1f419649e10496f9f1fc36826112bbd348
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed457c43bf5e002f0429c5f71befe741150044c568e5a58143f30bb7b67dd968
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

krank.de Open in urlscan Pro 35.204.103.237 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

92 %HTTPS

56 %IPv6

25 Domains

43 Subdomains

39 IPs

8 Countries

2556 kBTransfer

7998 kBSize

21 Cookies

8 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

krank.de Open in urlscan Pro
35.204.103.237 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

92 %
HTTPS

56 %
IPv6

25
Domains

43
Subdomains

39
IPs

8
Countries

2556 kB
Transfer

7998 kB
Size

21
Cookies

157 HTTP transactions
3 data transactions