oatuu.org Open in urlscan Pro
159.69.15.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://oatuu.org/
Effective URL:
https://oatuu.org/
Submission: On July 31 via manual (July 31st 2023, 5:10:44 pm UTC) from US — Scanned from DE

Summary HTTP 144 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 9 countries across 30 domains to perform 144 HTTP transactions. The main IP is 159.69.15.250, located in Germany and belongs to HETZNER-AS, DE. The main domain is oatuu.org.
TLS certificate: Issued by R3 on June 8th 2023. Valid for: 3 months.

This is the only time oatuu.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	159.69.15.250 159.69.15.250	24940 (HETZNER-AS) (HETZNER-AS)
15	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::ac43:4a81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:249... 2600:9000:2491:f000:1b:f040:3600:93a1	16509 (AMAZON-02) (AMAZON-02)
1	154.58.197.185 154.58.197.185	174 (COGENT-174) (COGENT-174)
1	2600:9000:210... 2600:9000:2104:8000:3:4706:a6c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	91.228.74.208 91.228.74.208	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 17	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	64.227.64.62 64.227.64.62	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	70.42.32.127 70.42.32.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
3 3	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	() ()
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	46.228.164.11 46.228.164.11	() ()
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2	18.185.50.28 18.185.50.28	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:772d:4ded:ba46:e399	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.243 37.157.6.243	198622 (ADFORM) (ADFORM)
1	3.124.112.76 3.124.112.76	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2	2606:4700:20:... 2606:4700:20::681a:bd1	() ()
1	18.135.127.129 18.135.127.129	() ()
144	27

21 159.69.15.250 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.250.15.69.159.clients.your-server.de

oatuu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2491:f000:1b:f040:3600:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.58.197.185 (Philippines)

ASN174 (COGENT-174, US)
PTR: staticip-hv4m185.hispavista.com

t.hspvst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:8000:3:4706:a6c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cti.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.228.74.208 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.227.64.62 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.127 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.236 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (None, ) 1 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Bad Durrheim, Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.50.28 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-50-28.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:772d:4ded:ba46:e399 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.243 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.112.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-112-76.eu-central-1.compute.amazonaws.com

i.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:bd1 (None, )

ASN- ()

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.135.127.129 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	666 KB
33	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	169 KB
21	oatuu.org 1 redirects oatuu.org	332 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 31172 ad4m.at — Cisco Umbrella Rank: 10539 assets.ad4m.at	944 KB
5	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 213	281 KB
3	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 27685	1 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 623	1 KB
3	w55c.net ads.w55c.net — Cisco Umbrella Rank: 14599 cti.w55c.net — Cisco Umbrella Rank: 4085 i.w55c.net — Cisco Umbrella Rank: 2360	118 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 607	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 466	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 350	291 B
2	adition.com 2 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1613	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	869 B
2	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 165191 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 134262	4 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 564	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 802	796 B
1	webgains.com track.webgains.com
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 762	338 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2157	173 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 379	265 B
1	2mdn.net s0.2mdn.net	490 B
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3338	1 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2808	553 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 384	996 B
1	hspvst.com t.hspvst.com — Cisco Umbrella Rank: 181395	926 B
1	gstatic.com www.gstatic.com	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	600 B
0	awin1.com Failed www.awin1.com Failed
144	30

	Domain	Requested by
35	tpc.googlesyndication.com	pagead2.googlesyndication.com oatuu.org googleads.g.doubleclick.net tpc.googlesyndication.com
21	oatuu.org	1 redirects oatuu.org
17	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
16	googleads.g.doubleclick.net	pagead2.googlesyndication.com oatuu.org googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	oatuu.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	assets.ad4m.at	as.ad4m.at
5	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
5	www.googletagservices.com	oatuu.org googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
3	sync.gonet-ads.com	3 redirects
3	dis.criteo.com	googleads.g.doubleclick.net
2	c1.adform.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	x.bidswitch.net	googleads.g.doubleclick.net
2	dsp.adfarm1.adition.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
1	track.webgains.com	as.ad4m.at
1	onetag-sys.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
1	i.w55c.net	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	static-de.ad4mat.net	as.ad4m.at
1	s0.2mdn.net
1	a.rfihub.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	cti.w55c.net	googleads.g.doubleclick.net
1	t.hspvst.com	googleads.g.doubleclick.net
1	ads.w55c.net	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	www.awin1.com Failed	as.ad4m.at
144	38

This site contains links to these domains. Also see Links.

Domain
ytmp3.page

Subject Issuer	Validity	Valid
oatuu.org R3	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-07` - `2024-05-06`	a year	crt.sh
ads.w55c.net Amazon RSA 2048 M02	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.hspvst.com Gandi Standard SSL CA 2	`2022-12-12` - `2023-12-09`	a year	crt.sh
*.w55c.net Amazon RSA 2048 M02	`2023-05-29` - `2024-06-25`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://oatuu.org/
Frame ID: 2A19C50355C1349C209DC65AFB14AEA9
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: 43DBD3E7F0D683B0DC564E9EC21CCE7E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&adk=1812271804&adf=3025194257&lmt=1690823439&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_r&format=0x0&url=https%3A%2F%2Foatuu.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823438931&bpp=6&bdt=349&idt=333&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8570523530761&frm=20&pv=2&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=381
Frame ID: 13948AB78E2C325F2467FC41463C6C99
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=280&adk=202424628&adf=4235140782&pi=t.aa~a.3867267941~i.35~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1690823440&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7917813666&ad_type=text_image&format=800x280&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440279&bpp=3&bdt=1698&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0&nras=2&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6dl1E7Xtvk&p=https%3A//oatuu.org&dtd=9
Frame ID: 1FDED8E98F44758B559A318C20992BCB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=76851998&pi=t.aa~a.3734439331~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1760&idt=-M&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280&nras=3&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q3yg7VZiXm&p=https%3A//oatuu.org&dtd=12
Frame ID: 7422108BB23C413E83FEEB367CBC8CE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22
Frame ID: D2A61458925933E2C5A21E7CA772BCCA
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: 83CE8A9EA4A99FEDE896DF599AB7EC8B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBAF04FA2F1F12958C262654169F1A07
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/index.html
Frame ID: EC8CC32EA60840F52FFD5E3E3CF39F34
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js
Frame ID: 937758555214CB5BE946822DDCD6CD06
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D05CE79189B6E29AFA2D12FD9822B07C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C31A1BC2EAE113F22E9612D1AF4CE9F6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E234042027644FE887133B7820BD00E8
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h7ge563djadg64gx04p8s0hnmvdnwwyn96eahdqk2s7ef2gn9fm77bczvrtvqwjvm2daezj40ayzbqxxa33jyjasrrpjz0xzzntx7jr652m038sejkc9tzf55hv8gcabc90yng3vb7rszfaw3jcby0fermbr8jqvp12ckp6sm5xd76cq10z7ce798zvyawvqw9ej57f9j2z5w1sw0f21h7vtwc4jrjjffxshhz21spv2jvarf054m5q2svgp5qdqb30vv19b5b2x6n4pna73w2d97vq8rzrttrhqqjkjxpsd48zvg811ytdxqp14n9fkpg13tn69bjyde4y1p8tq4xr8w1pbyfmwd77c9mvh0gxppj887vs6bvpcaqefn7ra0f84cmfs9gp3kvdbfrm40jmytqwn6xwzk1kdb92ahr5spee6s3k7zbt38stn24g744mzgfs1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%26client%3Dca-pub-3634999250096065%26adurl%3D
Frame ID: 849D7FE3785524CE9F3FE355F08E6C41
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js
Frame ID: 3E86912ADDF6667E7F076A6C4F53BD77
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 291B6A7E66BFFB5AA028E122EFEC50D5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 89F211378136128C53767DF2ABDAED30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9FE896820CBF613D9C2D0826DA7D2480
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CBAF8C74BC42FDA6BFB04CA598AF5E59
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F389CE4E17E4A026F299EF2ACF592E3E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 73477BAB3040EECB3C68B76EC7366590
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js
Frame ID: 19185C185DAA70DA451AE6A1D27CF782
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Frame ID: B71AC80DFBBC469D22C71A626F76282C
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trade Union's Guide to Music and Education for Children - OATUU

Page URL History Show full URLs

http://oatuu.org/ HTTP 301
https://oatuu.org/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

144
Requests

90 %
HTTPS

46 %
IPv6

30
Domains

38
Subdomains

27
IPs

9
Countries

2535 kB
Transfer

5077 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ytmp3.page/tmp/
Title: ytmp3

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://oatuu.org/ HTTP 301
https://oatuu.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 71

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGCBN-OZD5-o08V2KA2-ZB4&google_cver=1&google_push=AaAOQGFJjLRIJYJOU_Yqvqd-WMEGmsFKLqC900rxnarVlAYMAeC-F_PKBUPTNBhlJb1CxwAYS6DX4h9awbH0csHLXB9_YsVHdJKTQuM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFJjLRIJYJOU_Yqvqd-WMEGmsFKLqC900rxnarVlAYMAeC-F_PKBUPTNBhlJb1CxwAYS6DX4h9awbH0csHLXB9_YsVHdJKTQuM

Request Chain 72

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIFRgwfgz9hBUqoPVfcLnt4&google_cver=1&google_push=AaAOQGEjcH5zd9Qlpni5IKdPUSR_OYdUEAVdqP1SYhIodWBusSYnwy0Ntql-qXeSwNuO0JKWwyvb5d9EYHiM3QWl2kkooPuB4W1E1GY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEjcH5zd9Qlpni5IKdPUSR_OYdUEAVdqP1SYhIodWBusSYnwy0Ntql-qXeSwNuO0JKWwyvb5d9EYHiM3QWl2kkooPuB4W1E1GY

Request Chain 74

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEP12xwJu0ZhD7nNEl6SCoM0&google_cver=1&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy6yTH33j0wL3_o88Kuk HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEP12xwJu0ZhD7nNEl6SCoM0&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy6yTH33j0wL3_o88Kuk&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy6yTH33j0wL3_o88Kuk&google_hm=LTN6ak1nQmFRNjJ0R1JZRm1IYUc=

Request Chain 75

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGh7NW6a3fLEUI95lDSjitY&google_cver=1&google_push=AaAOQGH66Iwx_Rirl--gpz_a_13G4Kx2kQqtK1WAZmfgqDqNmWJC97s_pJawoRoJJvtQjLPPLc0Qy5qoy0XvJbrJVc2vFIL9kuzvbyIN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AaAOQGH66Iwx_Rirl--gpz_a_13G4Kx2kQqtK1WAZmfgqDqNmWJC97s_pJawoRoJJvtQjLPPLc0Qy5qoy0XvJbrJVc2vFIL9kuzvbyIN&google_hm=MzAxMTE0NTYyNzQwMjgyMDg1Mw==

Request Chain 76

https://sync.gonet-ads.com/match/google?google_gid=CAESEPBiVCcwFVdoSaImpRufgfM&google_cver=1&google_push=AaAOQGE1hf-mk1tXkMtH6bVKq_eQCvu9_GI0-NabL2yktgjaOUj1db23Ar0m1uKR-gUpnL0_SiQrZZJMKts6umcqC6f2OGfhQwOlcj6C HTTP 302
https://sync.gonet-ads.com/match/google?google_gid=CAESEPBiVCcwFVdoSaImpRufgfM&google_cver=1&google_push=AaAOQGE1hf-mk1tXkMtH6bVKq_eQCvu9_GI0-NabL2yktgjaOUj1db23Ar0m1uKR-gUpnL0_SiQrZZJMKts6umcqC6f2OGfhQwOlcj6C&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Njk0YTJjMjk3MzRjN2M4Mw&google_push=AaAOQGE1hf-mk1tXkMtH6bVKq_eQCvu9_GI0-NabL2yktgjaOUj1db23Ar0m1uKR-gUpnL0_SiQrZZJMKts6umcqC6f2OGfhQwOlcj6C HTTP 302
https://sync.gonet-ads.com/match/google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Njk0YTJjMjk3MzRjN2M4Mw&google_push= HTTP 302
https://s0.2mdn.net/dot.gif?google_error=5

Request Chain 110

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF9rjJ2XNV86JCkrwRcxTdM&google_cver=1&google_push=AaAOQGEfuNrhKXUIk7KhJgoORau3Enb74-bEitRiwKZCxCdJ_iihmsNaolT9vBl3FjMeb_IkUo8ez9uLJdLOW1SzudFM5pIfNXN17s69 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU0MDgyODQ1NzExMTE2MjA5MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF9rjJ2XNV86JCkrwRcxTdM&google_cver=1

Request Chain 111

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN4ydNxQhkd7WxpyvOM9Y7w&google_cver=1&google_push=AaAOQGHnfVpi7pnB0oJdQcvEtZB-4S5lZJt_UqMPqMdrCrZr9ERM7e2EmtFeY125D3zHRYtjfbqyPwAs_O1hPMzFqXD8cfGcRXx0ujM HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHnfVpi7pnB0oJdQcvEtZB-4S5lZJt_UqMPqMdrCrZr9ERM7e2EmtFeY125D3zHRYtjfbqyPwAs_O1hPMzFqXD8cfGcRXx0ujM&google_hm=bKwy-D3qh_5NU4n1EvzkTw

Request Chain 112

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELiw5QCAdn4-LoNS7Q6SXyk&google_cver=1&google_push=AaAOQGHuus3ULyjWSKtP1hFj-Gjm8aZ6sy5BZLFJUM7vTlD6KPokQ7SvRyWOsVjmwWzG3-zMXvfpsK2Nw5FKY8JKdta_MihLmlpQLZcp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGHuus3ULyjWSKtP1hFj-Gjm8aZ6sy5BZLFJUM7vTlD6KPokQ7SvRyWOsVjmwWzG3-zMXvfpsK2Nw5FKY8JKdta_MihLmlpQLZcp

Request Chain 114

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN0T8TsX3LXdjIWZYjwjIc0&google_cver=1&google_push=AaAOQGHdR-_juTK2JygyQl_GDgsgPJibYXtEPqPozjmyu96w8J21ho673rkI9FRrNjF5GQNhjbdfdFHf8pTfmc80Y7TO4EWadkfD0RUC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHdR-_juTK2JygyQl_GDgsgPJibYXtEPqPozjmyu96w8J21ho673rkI9FRrNjF5GQNhjbdfdFHf8pTfmc80Y7TO4EWadkfD0RUC&google_hm=eS1DV1RGNFl4RTJwSEYuUVBBMWNmaF84QjNlU0pFOU16Tn5B

Request Chain 116

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMRrquUMVs2Te9Us8yIDy6U&google_cver=1&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_dubQFw2CmtLq75WvGAmionEeldv0XL HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMRrquUMVs2Te9Us8yIDy6U&google_cver=1&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_dubQFw2CmtLq75WvGAmionEeldv0XL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEwMDU3NDcyMjA2MzcxMTcxNA&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_dubQFw2CmtLq75WvGAmionEeldv0XL

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 126

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHS3HhFn2o3KLzwcSxs2sB0&google_cver=1&google_push=AaAOQGF1kCLqzLfJqi0Cf6hfuOzJ9GWnTrJ4krOyOKtBVxAH2vCDqBB-Etv06fZrLIHlQgZV3X2mgaI7-mGHYGq-ddqunIj1TX3_Zbc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGF1kCLqzLfJqi0Cf6hfuOzJ9GWnTrJ4krOyOKtBVxAH2vCDqBB-Etv06fZrLIHlQgZV3X2mgaI7-mGHYGq-ddqunIj1TX3_Zbc

Request Chain 128

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFVPp6J3jVGG79J1cHAZjYo&google_cver=1&google_push=AaAOQGFj8i3XOrJSY09GxsWLqfTdUfVaoCPqWWf7AlZDSVuMf15hhZDyqDfToQhBKWBZ19oNEYpOLLum-ugpzHneMFbzrQ-FT9uyIow HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFj8i3XOrJSY09GxsWLqfTdUfVaoCPqWWf7AlZDSVuMf15hhZDyqDfToQhBKWBZ19oNEYpOLLum-ugpzHneMFbzrQ-FT9uyIow&google_hm=eS16bWIxQmdaRTJwR2NFNXR2UFpKak84dlZTUXk0d05IMH5B

Request Chain 130

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMGLPbIb84Hq_JZWo39XckY&google_cver=1&google_push=AaAOQGGNdZzkkwHoJE4hwMGExJMXMnyeCZCIoct6ZmD93x22wptGN43CYt3QFABEQHgdDKD0cdoL8rt91WbFLMUpKwp85yLlBmsJhw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGNdZzkkwHoJE4hwMGExJMXMnyeCZCIoct6ZmD93x22wptGN43CYt3QFABEQHgdDKD0cdoL8rt91WbFLMUpKwp85yLlBmsJhw

144 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
oatuu.org/
Redirect Chain

http://oatuu.org/
https://oatuu.org/

85 KB
19 KB

1232ms
193ms

Document
text/html

159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 312114499c9ee55a86d7b541d9335bf9871248362dcc40acbd44663a2daa2bc6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 31 Jul 2023 17:10:38 GMT
link: <https://oatuu.org/wp-json/>; rel="https://api.w.org/" <https://oatuu.org/wp-json/wp/v2/pages/13>; rel="alternate"; type="application/json" <https://oatuu.org/>; rel=shortlink
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding
x-litespeed-tag: e1a_HTTP.200,e1a_PGSRP

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Mon, 31 Jul 2023 17:10:37 GMT
Location: https://oatuu.org/
Server: nginx/1.18.0 (Ubuntu)

GET
H2 200 style.min.css
oatuu.org/wp-includes/css/dist/block-library/ 95 KB
13 KB 13ms
12ms Stylesheet
text/css 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 15:07:08 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6425a59c-17ced"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 classic-themes.min.css
oatuu.org/wp-includes/css/ 291 B
423 B 13ms
12ms Stylesheet
text/css 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
last-modified: Thu, 30 Mar 2023 15:07:08 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "6425a59c-123"
content-length: 291
content-type: text/css

GET
H2 200 wp-show-posts-min.css
oatuu.org/wp-content/plugins/wp-show-posts/css/ 3 KB
1 KB 14ms
13ms Stylesheet
text/css 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/plugins/wp-show-posts/css/wp-show-posts-min.css?ver=1.1.4
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b6c98830eda91aabaa34aa286c07b90ac239a8ab887430430d070f1e87f22b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Tue, 31 Jan 2023 14:16:40 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63d922c8-d9d"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 style.css
oatuu.org/wp-content/themes/squaretype/ 222 KB
31 KB 21ms
20ms Stylesheet
text/css 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/themes/squaretype/style.css?ver=3.0.7
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d5334ba3a0c967b6606b090ae1c583eb9e93c53d59f63f8f716897fe3f63c184

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2023 17:25:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"64a4560d-3793c"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 jquery.min.js Show response
oatuu.org/wp-includes/js/jquery/ 88 KB
31 KB 23ms
22ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 15:07:08 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6425a59c-15ed7"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
oatuu.org/wp-includes/js/jquery/ 13 KB
5 KB 28ms
27ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 15:07:08 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6425a59c-3470"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 178ms
92ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3634999250096065

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abdd72ab7cad073d9ea4bae38c13ef78542f612c293b80665c374bfbf41a86f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Origin: https://oatuu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52496
x-xss-protection: 0
server: cafe
etag: 12816812563693748395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:38 GMT

GET
H2 200 cropped-logo-oatuu.png
oatuu.org/wp-content/uploads/2023/03/ 5 KB
5 KB 13ms
12ms Image
image/png 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oatuu.org/wp-content/uploads/2023/03/cropped-logo-oatuu.png
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8981d6057e1d3ec281dd1a03e023e1a61465a2e3b31170bc31f40def12e9b547

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
last-modified: Thu, 23 Mar 2023 21:50:36 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "641cc9ac-14cb"
content-length: 5323
content-type: image/png

GET
H2 200 index.js Show response
oatuu.org/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 11ms
10ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.7
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 09:14:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"64770ff8-2801"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 index.js Show response
oatuu.org/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 11ms
11ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.7
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Wed, 31 May 2023 09:14:32 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"64770ff8-328f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 imagesloaded.min.js Show response
oatuu.org/wp-includes/js/ 5 KB
2 KB 11ms
9ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 10:07:12 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"63ca67d0-15fd"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 colcade.js Show response
oatuu.org/wp-content/themes/squaretype/js/ 9 KB
3 KB 11ms
10ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/themes/squaretype/js/colcade.js?ver=0.2.0
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2023 17:25:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"64a4560d-2529"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 ofi.min.js Show response
oatuu.org/wp-content/themes/squaretype/js/ 3 KB
2 KB 12ms
10ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/themes/squaretype/js/ofi.min.js?ver=3.2.3
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2023 17:25:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"64a4560d-cdb"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 scripts.js Show response
oatuu.org/wp-content/themes/squaretype/js/ 43 KB
11 KB 13ms
11ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/themes/squaretype/js/scripts.js?ver=3.0.7
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 94a8263818c4f334dfaa61597db2b0cacaa6b32cf49b5971054c2d01a5ec070d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2023 17:25:33 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"64a4560d-accc"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
oatuu.org/wp-includes/js/ 18 KB
5 KB 13ms
13ms Script
application/javascript 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
content-encoding: gzip
last-modified: Thu, 30 Mar 2023 15:07:08 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"6425a59c-4904"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 icons.ttf
oatuu.org/wp-content/themes/squaretype/css/icons/ 13 KB
13 KB 10ms
9ms Font
application/octet-stream 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/themes/squaretype/css/icons/icons.ttf
Requested by: Host: oatuu.org
URL: https://oatuu.org/wp-content/themes/squaretype/style.css?ver=3.0.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 75f54230555d30c4d0eae3e6d07cec3e278d8b2e89e57c37a7740fa3b66a0565

Request headers

Referer: https://oatuu.org/wp-content/themes/squaretype/style.css?ver=3.0.7
Origin: https://oatuu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
last-modified: Tue, 04 Jul 2023 17:25:33 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "64a4560d-344c"
content-length: 13388
content-type: application/octet-stream

GET
H2 200 hg-grotesk-700.woff2
oatuu.org/wp-content/themes/squaretype/css/fonts/ 34 KB
34 KB 10ms
10ms Font
application/octet-stream 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/themes/squaretype/css/fonts/hg-grotesk-700.woff2
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d74aa15684dbebfdd8d4cd6813e443406c3e7de42d2f5bc12a79e60af627b22

Request headers

Referer: https://oatuu.org/
Origin: https://oatuu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
last-modified: Tue, 04 Jul 2023 17:25:33 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "64a4560d-880c"
content-length: 34828
content-type: application/octet-stream

GET
H2 200 hg-grotesk-500.woff2
oatuu.org/wp-content/themes/squaretype/css/fonts/ 35 KB
35 KB 11ms
11ms Font
application/octet-stream 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/themes/squaretype/css/fonts/hg-grotesk-500.woff2
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5f68209356839610d4b9bbf5a522130858fb1c1172a4f72fa76406f4ecb2f650

Request headers

Referer: https://oatuu.org/
Origin: https://oatuu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
last-modified: Tue, 04 Jul 2023 17:25:33 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "64a4560d-8a68"
content-length: 35432
content-type: application/octet-stream

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlE92JQEk.woff
oatuu.org/wp-content/fonts/poppins/ 10 KB
10 KB 10ms
9ms Font
application/font-woff 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oatuu.org/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlE92JQEk.woff
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 630ac4e1f57654d1b617f454e401526e56b8dbae8f27786b7e152c25208dfd1f

Request headers

Referer: https://oatuu.org/
Origin: https://oatuu.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
last-modified: Tue, 04 Jul 2023 17:36:57 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "64a458b9-28c0"
content-length: 10432
content-type: application/font-woff

GET
H2 200 piano-g4cf6ca8d0_640.jpg
oatuu.org/wp-content/uploads/2023/04/ 104 KB
105 KB 12ms
10ms Image
image/jpeg 159.69.15.250
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oatuu.org/wp-content/uploads/2023/04/piano-g4cf6ca8d0_640.jpg
Requested by: Host: oatuu.org
URL: https://oatuu.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.69.15.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.250.15.69.159.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 99aca0ded905748ef672c04dcc995cf80b27947c8169f68852b17c4a3445d678

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:38 GMT
last-modified: Mon, 24 Apr 2023 04:50:26 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "64460a92-1a18c"
content-length: 106892
content-type: image/jpeg

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 363 KB
125 KB 214ms
123ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3634999250096065&plah=oatuu.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3634999250096065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00ea45d07c8a1aa90a93c81fbc5e13b4b2bbd90fd0060247a6cf3bba348b73f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127310
x-xss-protection: 0
server: cafe
etag: 17840782299869856122
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame 43DB 10 KB
5 KB 123ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3634999250096065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24555
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 10:21:24 GMT
etag: 12368291122986407432
expires: Mon, 14 Aug 2023 10:21:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
600 B 665ms
46ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=oatuu.org&callback=_gfp_s_&client=ca-pub-3634999250096065

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3634999250096065&plah=oatuu.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

12cb675023716d6fcf98abe5dd732eec1ff8c62d967e396df17537bb3a174165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1394 321 KB
84 KB 844ms
836ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&adk=1812271804&adf=3025194257&lmt=1690823439&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x1080_r&format=0x0&url=https%3A%2F%2Foatuu.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823438931&bpp=6&bdt=349&idt=333&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8570523530761&frm=20&pv=2&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=381

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f01e409bcd286fe55e33734621ab375cd96c7f4d5586688c6e6bee4efd9908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 85867
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:40 GMT
expires: Mon, 31 Jul 2023 17:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 87ms
86ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c0dc9de4234e0d540391b0814261d7d71c5f60a679fffa7cdc697bbfb1e079c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11645
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/ 154 KB
52 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307200101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8a4edd9fb9ea9ec29d808c785e14013fd209692a4d7e4ce896ef67148c6c37d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53526
x-xss-protection: 0
server: cafe
etag: 6180808484219103494
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:40 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1FDE 92 KB
36 KB 771ms
766ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=280&adk=202424628&adf=4235140782&pi=t.aa~a.3867267941~i.35~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1690823440&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7917813666&ad_type=text_image&format=800x280&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440279&bpp=3&bdt=1698&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0&nras=2&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6dl1E7Xtvk&p=https%3A//oatuu.org&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7517798bcf7c566d04e64ade89152a78e760cdf91c4ee1ccc78c6fe291b647b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37015
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:41 GMT
expires: Mon, 31 Jul 2023 17:10:41 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7422 45 KB
16 KB 304ms
300ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=76851998&pi=t.aa~a.3734439331~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1760&idt=-M&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280&nras=3&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q3yg7VZiXm&p=https%3A//oatuu.org&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fc31fe542c5c2a52cba77af755a57f4581d7cb69644d595530ba940a5d9b1c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:40 GMT
expires: Mon, 31 Jul 2023 17:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2A6 39 KB
16 KB 602ms
599ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bd0459d68588e32cbdb48fb00c89ac32c94ad56345bcf4c25cb7cb078b37a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16140
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:40 GMT
expires: Mon, 31 Jul 2023 17:10:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 163ms
58ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jul 2023 17:10:40 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame 83CE 10 KB
4 KB 53ms
38ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sun, 13 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/ Frame EBAF 10 KB
4 KB 46ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 63028
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 30 Jul 2023 23:40:12 GMT
etag: 12368291122986407432
expires: Sun, 13 Aug 2023 23:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 115 KB
21 KB 41ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/index.html

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71080af6c05c7861fd4e9899d5702c956af710482687ef7ef47e510524d80ac8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 306080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 19711
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 04:09:20 GMT
expires: Sat, 27 Jul 2024 04:09:20 GMT
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 9377 23 KB
9 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 15:09:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D05C 143 B
166 B 37ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9377 3 KB
1 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 11:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 11:50:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 9377 20 KB
8 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9377 179 KB
57 KB 135ms
48ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EBAF 14 KB
2 KB 157ms
48ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 31 Jul 2023 17:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 15:55:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jul 2023 17:10:40 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame EBAF 2 KB
973 B 50ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 22:55:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65690
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 13 Aug 2023 22:55:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame EBAF 23 KB
9 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 15:09:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame EBAF 3 KB
1 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 11:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 11:50:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame EBAF 20 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBAF 179 KB
56 KB 162ms
103ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:40 GMT

GET
H2 200 92cd137fb2ab4f826a326c70369c8a48.js Show response
www.gstatic.com/mysidia/ Frame EBAF 33 KB
14 KB 132ms
37ms Script
text/javascript 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/92cd137fb2ab4f826a326c70369c8a48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 16:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14171
x-xss-protection: 0
last-modified: Thu, 27 Jul 2023 20:56:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 27 Oct 2023 16:23:44 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15786462984891238532/ Frame EBAF 17 KB
17 KB 39ms
38ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15786462984891238532/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6415839d0c8d17764442e6c48cbf59c6ff9d727b5d098f7df7f215bf14f8e0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 15:14:15 GMT
x-content-type-options: nosniff
age: 266185
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17353
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 16:00:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 15:14:15 GMT

GET
DATA 200
OK truncated
/ Frame EBAF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame EBAF 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EC8C 16 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 07:13:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35837
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 01 Aug 2023 07:13:23 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame EC8C 34 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 19:42:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77295
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 31 Jul 2023 19:42:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C31A 13 KB
5 KB 42ms
39ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 11:52:51 GMT
expires: Tue, 30 Jul 2024 11:52:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E234 783 B
999 B 169ms
48ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

56a17a336308d9f6d92919a781323e303aff44415f1ebe84adc30d865aaf4fcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LppbmRZJAqNOhsNsA1DoQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oatuu.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LppbmRZJAqNOhsNsA1DoQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:40 GMT
expires: Mon, 31 Jul 2023 17:10:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 849D 2 KB
2 KB 63ms
29ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h7ge563djadg64gx04p8s0hnmvdnwwyn96eahdqk2s7ef2gn9fm77bczvrtvqwjvm2daezj40ayzbqxxa33jyjasrrpjz0xzzntx7jr652m038sejkc9tzf55hv8gcabc90yng3vb7rszfaw3jcby0fermbr8jqvp12ckp6sm5xd76cq10z7ce798zvyawvqw9ej57f9j2z5w1sw0f21h7vtwc4jrjjffxshhz21spv2jvarf054m5q2svgp5qdqb30vv19b5b2x6n4pna73w2d97vq8rzrttrhqqjkjxpsd48zvg811ytdxqp14n9fkpg13tn69bjyde4y1p8tq4xr8w1pbyfmwd77c9mvh0gxppj887vs6bvpcaqefn7ra0f84cmfs9gp3kvdbfrm40jmytqwn6xwzk1kdb92ahr5spee6s3k7zbt38stn24g744mzgfs1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%26client%3Dca-pub-3634999250096065%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=76851998&pi=t.aa~a.3734439331~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1760&idt=-M&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280&nras=3&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q3yg7VZiXm&p=https%3A//oatuu.org&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d62be141d7ac3ea31e29a9e23ad24cd562c93f8aa7c12c916a70e77880123f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ef774c95e95377b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:40 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 3E86 3 KB
1 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 11:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19238
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 11:50:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 291B 1 KB
643 B 45ms
38ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5860
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 15:33:00 GMT
etag: 48472445140208031
expires: Tue, 01 Aug 2023 15:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 3E86 20 KB
8 KB 45ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48130
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3E86 0
0 140ms
46ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-Xg7Pl2ABikjZ8TBrMspgOC1pBp4THr6NX56OJcgAmY2cPheEl9I5U-IRzwJh0qEWQExWaymAvl9gdNOOnvO6OfwbNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=76851998&pi=t.aa~a.3734439331~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1760&idt=-M&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280&nras=3&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q3yg7VZiXm&p=https%3A//oatuu.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E86 179 KB
56 KB 63ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D05C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

51ms
44ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:41 GMT
expires: Mon, 31 Jul 2023 17:10:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EBAF 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 371ae72844eb406e215e0b62864935f8539f7b8b1afa9a589cbf5048f25ce4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 849D 114 KB
14 KB 42ms
24ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7ge563djadg64gx04p8s0hnmvdnwwyn96eahdqk2s7ef2gn9fm77bczvrtvqwjvm2daezj40ayzbqxxa33jyjasrrpjz0xzzntx7jr652m038sejkc9tzf55hv8gcabc90yng3vb7rszfaw3jcby0fermbr8jqvp12ckp6sm5xd76cq10z7ce798zvyawvqw9ej57f9j2z5w1sw0f21h7vtwc4jrjjffxshhz21spv2jvarf054m5q2svgp5qdqb30vv19b5b2x6n4pna73w2d97vq8rzrttrhqqjkjxpsd48zvg811ytdxqp14n9fkpg13tn69bjyde4y1p8tq4xr8w1pbyfmwd77c9mvh0gxppj887vs6bvpcaqefn7ra0f84cmfs9gp3kvdbfrm40jmytqwn6xwzk1kdb92ahr5spee6s3k7zbt38stn24g744mzgfs1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%26client%3Dca-pub-3634999250096065%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h7ge563djadg64gx04p8s0hnmvdnwwyn96eahdqk2s7ef2gn9fm77bczvrtvqwjvm2daezj40ayzbqxxa33jyjasrrpjz0xzzntx7jr652m038sejkc9tzf55hv8gcabc90yng3vb7rszfaw3jcby0fermbr8jqvp12ckp6sm5xd76cq10z7ce798zvyawvqw9ej57f9j2z5w1sw0f21h7vtwc4jrjjffxshhz21spv2jvarf054m5q2svgp5qdqb30vv19b5b2x6n4pna73w2d97vq8rzrttrhqqjkjxpsd48zvg811ytdxqp14n9fkpg13tn69bjyde4y1p8tq4xr8w1pbyfmwd77c9mvh0gxppj887vs6bvpcaqefn7ra0f84cmfs9gp3kvdbfrm40jmytqwn6xwzk1kdb92ahr5spee6s3k7zbt38stn24g744mzgfs1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%26client%3Dca-pub-3634999250096065%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 453453
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Trn4gLDamhxerN1oe1JdCG43OtOEsBORDkaAjaYrSz1IFWeUVGjR0iJGu513AkdsmX81O3Rx5guw9DvtjLGCZKG7rBLILQ34UIbhttL0iq4ogNAccrq%2BqiXslagm36jDTJ5rBwviDR4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7ef774ca4803377b-FRA
expires: Mon, 31 Jul 2023 18:10:41 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 849D 25 KB
10 KB 50ms
21ms Script
application/javascript 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7ge563djadg64gx04p8s0hnmvdnwwyn96eahdqk2s7ef2gn9fm77bczvrtvqwjvm2daezj40ayzbqxxa33jyjasrrpjz0xzzntx7jr652m038sejkc9tzf55hv8gcabc90yng3vb7rszfaw3jcby0fermbr8jqvp12ckp6sm5xd76cq10z7ce798zvyawvqw9ej57f9j2z5w1sw0f21h7vtwc4jrjjffxshhz21spv2jvarf054m5q2svgp5qdqb30vv19b5b2x6n4pna73w2d97vq8rzrttrhqqjkjxpsd48zvg811ytdxqp14n9fkpg13tn69bjyde4y1p8tq4xr8w1pbyfmwd77c9mvh0gxppj887vs6bvpcaqefn7ra0f84cmfs9gp3kvdbfrm40jmytqwn6xwzk1kdb92ahr5spee6s3k7zbt38stn24g744mzgfs1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%26client%3Dca-pub-3634999250096065%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 520817
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEjE0FqreIfoZYhRHdi8jZbzI2e6tfJwI5RyV6bjDRfCd%2BQth5ZrOYRakY7aTTSyHsUA7MyaFOsJHD9UCMakn3Hjghs0jArqP3hAxtecyQ%2BKiCUM8a8xfaWirE1UZNqpGsRkQzA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7ef774ca5816377b-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 16:30:14 GMT

GET
H2 200 XassetItoqP6jy.png
ads.w55c.net/t/d/ Frame D2A6 115 KB
115 KB 337ms
7ms Image
image/png 2600:9000:2491:f000:1b:f040:3600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.w55c.net/t/d/XassetItoqP6jy.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=MEI1RjI3QzFEMTFDMTc1MTlCMjgxNjNGNkFEMjJGRDd8R0ZFNGo2aGJkd3wxNjkwODIzNDQwNTU0fDF8WG1FS1o4a2t0eHxYUlBNSXRvc2p5fC0xMjYwMjk4MzY1X0VYfDU0OTc0fHx8fC4wUHxVU0Q&ei=GOOGLE_CONTENTNETWORK&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMSMwLjMwMjQzNjU2fElBQjE5IzAuMTQ0MjIzMzV8SUFCMS02IzAuMTQ0MjIzMzV8SUFCMTktMjIjMC4xNDQyMjMzNXxJQUI3IzAuMTA0NTI3OTJ8SUFCNSMwLjA3ODQwNjA5fElBQjUtOCMwLjA2Mzc5Njk1fElBQjgtMTcjMC4wMjk0NjE5M3xJQUI4IzAuMDI5NDYxOTN8SUFCNi02IzAuMDI2MTMxOTh8SUFCNi0yIzAuMDI2MTMxOTh8SUFCMTQtNiMwLjAyNjEzMTk4fElBQjYjMC4wMjYxMzE5OHxJQUIxNCMwLjAyNjEzMTk4&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Foatuu.org&ts=1690823440563&c=DE&r=G-HE&epid=R0NvYXR1dS5vcmc&mi=d2Vi&wp_exchange=NWP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:f000:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7f57f8671ee2aff1234cee199a90f523f7584a2181162d3241af4b1044ad78b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: rN0_5fRoOcsGF_KFZPSSLYgtxVawLB3A
date: Mon, 31 Jul 2023 07:25:09 GMT
via: 1.1 4dd80d99fd5d0f6baaaf5179cd921f72.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 35138
x-amz-server-side-encryption: AES256
x-amz-meta-width: 300
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-filesize: 117303
x-amz-meta-height: 600
content-length: 117303
last-modified: Wed, 03 May 2023 17:26:36 GMT
server: AmazonS3
etag: "fe8949a32932989dc9c205e6a6345266"
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: Y6vuy__vVgAGoIUZk4FhA8P5BcqD2NRpQn1xFiOLlWPZonJuSZgOLA==

GET
H/1.1 200
OK pixel.php
t.hspvst.com/ Frame D2A6 95 B
926 B 145ms
35ms Image
image/png 154.58.197.185
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.hspvst.com/pixel.php?id=2677&t=P&cb=9140384218133024
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 154.58.197.185 , Philippines, ASN174 (COGENT-174, US),
Reverse DNS: staticip-hv4m185.hispavista.com
Software: Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Mon, 31 Jul 2023 17:10:39 GMT
Server: Apache
X-Powered-By: PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding: chunked
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type: image/png
Cache-Control: max-age=315360000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=3, max=1000
Expires: Thu, 28 Jul 2033 17:10:39 GMT

GET
H2 200 creative_add_on.js Show response
cti.w55c.net/ct/ Frame D2A6 5 KB
3 KB 90ms
15ms Script
application/javascript 2600:9000:2104:8000:3:4706:a6c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cti.w55c.net/ct/creative_add_on.js?w=300&h=600&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE_CONTENTNETWORK&ob=0&ai=0DaDXCcU00&epid=R0NvYXR1dS5vcmc&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Foatuu.org&ciu=XRPMItosjy&btid=MEI1RjI3QzFEMTFDMTc1MTlCMjgxNjNGNkFEMjJGRDd8R0ZFNGo2aGJkd3wxNjkwODIzNDQwNTU0fDF8WG1FS1o4a2t0eHxYUlBNSXRvc2p5fC0xMjYwMjk4MzY1X0VYfDU0OTc0fHx8fC4wUHxVU0Q&c=DE&dt=2dt0005&sd=oatuu.org&cip=1&hmt=1&uidu=CAESENSyYm1VzfJ-xSCtparB9qc&spidu=GOOGLE_CONTENTNETWORK&pidu=oatuu.org&hmpvu=674305c2-9ac1-49f0-9522-7f29e26e02d2&hmtsu=3&odtu=2&mtfu=1&crdmu=300x600&cridu=XRPMItosjy&

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:8000:3:4706:a6c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: 0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding: gzip
via: 1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
date: Tue, 25 Jul 2023 07:31:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-amz-cf-pop: AMS1-C1
age: 575137
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 17 Sep 2021 21:17:39 GMT
server: AmazonS3
etag: W/"a6c8a5bdec77729759b220b95bf503f9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: must-revalidate
x-amz-cf-id: 58h7HK-MCFfvFr_G83sSSRbHpIu8kVHpIBkCEpFpru9U208OcFYQqg==

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D2A6 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 11:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 11:50:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame D2A6 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2A6 179 KB
56 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:41 GMT

GET
DATA 200
OK truncated
/ Frame 3E86 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c6618d143dc10d1fc61ba5ad62a51fab0d514030a0b699d38bfcdafe992f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBAF 0
19 B 81ms
80ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVURID-vHZLukHZTLgAOVkpf4Bqmq2eJwnI-S1ogRzvn8wI8OEAEg2o61hwFgleKQgqAHoAGrzar1A8gBCakC-EeJzJ1_sj6oAwHIA8sEqgTHAU_QCt3Ej_gXa74izVrLQhXx4T5lLPk5t9GoxerhlkIpENQ8OjLn768oQhIh7mPDDw30cCAZsDBjKWbtFxYnTVlLNIUSMQJvBRrMfM2m1OYfpOUY3tBqwkNtaPej00xrSRXsne8tsG-62ZkHAZ_deLc0FhTLmvQw8xVdN4VUZBifdY2NNOFvIQZeIAb8OrJJozWxe3mCXCCv6jrGKIZsLvwvjqP_V27M1FKqbc_GnoYtzNATnbg43lihlWOQrDrHictmh7XyzknABNvekJC4BJIFBAgEGAGSBQQIBRgEoAYugAe9stUKqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQl7AS0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zNjM0OTk5MjUwMDk2MDY1GAA&sigh=HJh9YgfH4qw&uach_m=[UACH]&cid=CAQSGwBpAlJWtfRY-Lhl6wG-B23quX5VonUQqYQRJRgB&template_id=5000&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 17:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 291B 35 B
463 B 344ms
11ms Image
image/gif 91.228.74.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK4lV-BtpmdU79vti_6a7lQ&google_cver=1&google_push=AaAOQGGgK0MoKDtCPRXPmIQiy6CIoAD5abC3PCwvz3VPoQMtboBCLGdyypRqfTTS3GpuJvngZN9Sp2fa1LbFPjmQjYRoHpcBsVANObQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.208 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 291B
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGCBN-OZD5-o08V2KA2-ZB4&google_cver=1&google_push=AaAOQGFJjLRIJYJOU_Yqvqd-WMEGmsFKLqC900rxnarVlAYMAeC-F_PKBUPTNBhlJb1CxwAYS6DX4...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFJjLRIJYJOU_Yqvqd-WMEGmsFKLqC900rxnarVlAYMAeC-F_PKBUPTNBhlJb1CxwAYS6DX4h9awbH0csHLXB9_YsVHdJKTQuM

170 B
232 B

55ms
55ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFJjLRIJYJOU_Yqvqd-WMEGmsFKLqC900rxnarVlAYMAeC-F_PKBUPTNBhlJb1CxwAYS6DX4h9awbH0csHLXB9_YsVHdJKTQuM

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Jul 2023 17:10:40 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8ACAA4A9477F40FC99C6B8EFA734D598 Ref B: FRAEDGE1413 Ref C: 2023-07-31T17:10:41Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AaAOQGFJjLRIJYJOU_Yqvqd-WMEGmsFKLqC900rxnarVlAYMAeC-F_PKBUPTNBhlJb1CxwAYS6DX4h9awbH0csHLXB9_YsVHdJKTQuM
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYBy4KbXjPTMc4h5qm61A==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 291B
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEIFRgwfgz9hBUqoPVfcLnt4&google_cver=1&google_push=AaAOQGEjcH5zd9Qlpni5IKdPUSR_OYdUEAVdqP1SYhIodWBusSYnwy0Ntql-qXeSwNuO0JKWwyvb5d9EYHi...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEjcH5zd9Qlpni5IKdPUSR_OYdUEAVdqP1SYhIodWBusSYnwy0Ntql-qXeSwNuO0JKWwyvb5d9EYHiM3QWl2kkooPuB4W1E1GY

170 B
329 B

315ms
52ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEjcH5zd9Qlpni5IKdPUSR_OYdUEAVdqP1SYhIodWBusSYnwy0Ntql-qXeSwNuO0JKWwyvb5d9EYHiM3QWl2kkooPuB4W1E1GY

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AaAOQGEjcH5zd9Qlpni5IKdPUSR_OYdUEAVdqP1SYhIodWBusSYnwy0Ntql-qXeSwNuO0JKWwyvb5d9EYHiM3QWl2kkooPuB4W1E1GY
Date: Mon, 31 Jul 2023 17:10:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 291B 43 B
363 B 52ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGECea-4kT9hpmeH9Kh39N3kfySzVIMTmVJWZADhh6J82_uW89n8-RGqegzEolPp_QjDQ7ub3MoIu87J4YyjiitB5rs5ZslwuA&google_gid=CAESEOcO8WyB20q32zA7tglhloM&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 238808
expires: Mon, 31 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 291B
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEP12xwJu0ZhD7nNEl6SCoM0&google_cver=1&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEP12xwJu0ZhD7nNEl6SCoM0&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy6yTH33j0wL3_o88Kuk&google_hm=LTN6ak1nQmFRNjJ0R...

170 B
188 B

70ms
53ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy6yTH33j0wL3_o88Kuk&google_hm=LTN6ak1nQmFRNjJ0R1JZRm1IYUc=

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 17:10:41 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AaAOQGFYgRE0mJ-IlSzYAI7I_Al0ZZCl7gyzeVYYN9hCmAiWjQWEp2-ypgijyNU98eHZDDcOn_t1sYvAOeswy6yTH33j0wL3_o88Kuk&google_hm=LTN6ak1nQmFRNjJ0R1JZRm1IYUc=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 239
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 291B
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEGh7NW6a3fLEUI95lDSjitY&google_cver=1&google_push=AaAOQGH66Iwx_Rirl--gpz_a_13G4Kx2kQqtK1WAZmfgqDqNmWJC97s_pJawoRoJJvtQjLPPLc0Qy5qoy0XvJbrJVc2vFIL...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AaAOQGH66Iwx_Rirl--gpz_a_13G4Kx2kQqtK1WAZmfgqDqNmWJC97s_pJawoRoJJvtQjLPPLc0Qy5qoy0XvJbrJVc2vFIL9kuzvbyIN&google_hm=MzAxMTE...

170 B
232 B

49ms
48ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AaAOQGH66Iwx_Rirl--gpz_a_13G4Kx2kQqtK1WAZmfgqDqNmWJC97s_pJawoRoJJvtQjLPPLc0Qy5qoy0XvJbrJVc2vFIL9kuzvbyIN&google_hm=MzAxMTE0NTYyNzQwMjgyMDg1Mw==

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AaAOQGH66Iwx_Rirl--gpz_a_13G4Kx2kQqtK1WAZmfgqDqNmWJC97s_pJawoRoJJvtQjLPPLc0Qy5qoy0XvJbrJVc2vFIL9kuzvbyIN&google_hm=MzAxMTE0NTYyNzQwMjgyMDg1Mw==
Date: Mon, 31 Jul 2023 17:10:41 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

dot.gif
s0.2mdn.net/ Frame 291B
Redirect Chain

https://sync.gonet-ads.com/match/google?google_gid=CAESEPBiVCcwFVdoSaImpRufgfM&google_cver=1&google_push=AaAOQGE1hf-mk1tXkMtH6bVKq_eQCvu9_GI0-NabL2yktgjaOUj1db23Ar0m1uKR-gUpnL0_SiQrZZJMKts6umcqC6f2...
https://sync.gonet-ads.com/match/google?google_gid=CAESEPBiVCcwFVdoSaImpRufgfM&google_cver=1&google_push=AaAOQGE1hf-mk1tXkMtH6bVKq_eQCvu9_GI0-NabL2yktgjaOUj1db23Ar0m1uKR-gUpnL0_SiQrZZJMKts6umcqC6f2...
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Njk0YTJjMjk3MzRjN2M4Mw&google_push=AaAOQGE1hf-mk1tXkMtH6bVKq_eQCvu9_GI0-NabL2yktgjaOUj1db23Ar0m1uKR-gUpnL0_SiQrZZJMKts6umcqC6f2OGf...
https://sync.gonet-ads.com/match/google
https://cm.g.doubleclick.net/pixel?google_nid=gonet_ads_&google_hm=Njk0YTJjMjk3MzRjN2M4Mw&google_push=
https://s0.2mdn.net/dot.gif?google_error=5

43 B
490 B

146ms
42ms

Image
image/gif

2a00:1450:4001:80b::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_error=5

Protocol

Server

2a00:1450:4001:80b::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 20:37:14 GMT
x-content-type-options: nosniff
age: 74008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-xss-protection: 0
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 31 Jul 2023 20:37:14 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s0.2mdn.net/dot.gif?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 239
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 291B 0
130 B 403ms
46ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0A-dJeadY2CplSdKojY-0x4lHr7d94PqmBLB180oKXUlgWL8YEwY_8M5vXn4TpPGqvUEkNCo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 89F2 37 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: oatuu.org
URL: https://oatuu.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 17:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jul 2024 17:14:21 GMT

GET
DATA 200
OK truncated
/ Frame 9377 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3541115844fb4cdc980c1966cd24e21323379968bdf89164d416a65fd4a4df3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 530795392160979996
tpc.googlesyndication.com/daca_images/simgad/ Frame 1FDE 120 KB
120 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/530795392160979996

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=280&adk=202424628&adf=4235140782&pi=t.aa~a.3867267941~i.35~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1690823440&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7917813666&ad_type=text_image&format=800x280&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440279&bpp=3&bdt=1698&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0&nras=2&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6dl1E7Xtvk&p=https%3A//oatuu.org&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7c2f10c04a8c2165c222854b30d46301a1e0b6b22b3ac971fb29554ba0cabff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:12:43 GMT
x-content-type-options: nosniff
age: 251878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122910
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 23:54:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 19:12:43 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/ Frame 1FDE 23 KB
9 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 15:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9132
x-xss-protection: 0
server: cafe
etag: 17712579318771444318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 15:09:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 1FDE 3 KB
1 KB 124ms
123ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 11:50:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 11:50:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 1FDE 20 KB
8 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:48:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 1FDE 0
0 48ms
46ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7LG2SSu5dcvGXenSoauvBp6xmjgwW0wdMJWdBkbpbFMFPgNjJl5fZR6hcbqNIBiveLtm-EYsglD0oscnB3GOti7JBRg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=280&adk=202424628&adf=4235140782&pi=t.aa~a.3867267941~i.35~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1690823440&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7917813666&ad_type=text_image&format=800x280&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440279&bpp=3&bdt=1698&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0&nras=2&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6dl1E7Xtvk&p=https%3A//oatuu.org&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FDE 179 KB
56 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 31 Jul 2023 17:10:41 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 1FDE 33 KB
13 KB 140ms
139ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13567
x-xss-protection: 0
server: cafe
etag: 2495518695802652152
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Aug 2023 03:31:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E234 0
0 168ms
168ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=1029501597027859&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame C31A 37 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 17:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jul 2024 17:14:21 GMT

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame EC8C 37 KB
14 KB 46ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 17:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jul 2024 17:14:21 GMT

GET
H3 200 logo_white.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 7 KB
3 KB 60ms
57ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/logo_white.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a2ff37cdb0fa1f0bf2f3d3832455e1730f1253e9d7352cc5697e16af03023a3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jul 2023 19:46:58 GMT
age: 249823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2884
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 27 Jul 2024 19:46:58 GMT

GET
H3 200 text_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 6 KB
2 KB 70ms
67ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/text_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b46798c8f3e473da6f45fd3b51bebe0f3cac46182bb49caa9000086afd33d88

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 06:55:31 GMT
age: 209710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2003
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 06:55:31 GMT

GET
H3 200 mood_01.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 14 KB
14 KB 83ms
80ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/mood_01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4ba5eb6cc7a3d9398ae5b340d76ef7eb6142043681101511e588b55db0b434c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 25 Jul 2023 11:55:37 GMT
x-content-type-options: nosniff
age: 537304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14282
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 24 Jul 2024 11:55:37 GMT

GET
H3 200 text_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 8 KB
2 KB 102ms
99ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/text_02.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddb53616b4275551ae84ddd5fd19a2ddb36108d2a308b5c83c344cb6926ed800

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 30 Jul 2023 00:47:32 GMT
age: 145389
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2465
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Jul 2024 00:47:32 GMT

GET
H3 200 mood_02.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 19 KB
19 KB 71ms
68ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/mood_02.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4d75a13863753d7b0e866540e731e6bad11a7c55b1715ee88fdfd50209f96d5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 07:50:55 GMT
x-content-type-options: nosniff
age: 206386
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19096
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 07:50:55 GMT

GET
H3 200 text_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 7 KB
3 KB 101ms
98ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/text_03.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b861ecdccefc2537f81bea156260e8fc41ed849f8c937dde26fc0cf1c5ef5b25

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 04:32:06 GMT
age: 391115
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2533
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jul 2024 04:32:06 GMT

GET
H3 200 mood_03.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 16 KB
16 KB 109ms
106ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/mood_03.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6190e10eab07f81bb062f01927d03bb513044aac255fcc4008927297dd6863b8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 02:50:46 GMT
x-content-type-options: nosniff
age: 224395
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16638
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 02:50:46 GMT

GET
H3 200 logo_black.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 13 KB
4 KB 102ms
100ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/logo_black.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7aa97ad2d957155872d77a60dd07a499b4b261bc34e2c3f931c18cc692c708e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 05:07:08 GMT
age: 216213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4318
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 05:07:08 GMT

GET
H3 200 cta_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 6 KB
2 KB 108ms
105ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/cta_02.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67e271d0640f6aa7fa8d212a40ea4a6cc5d3fef387aa05050b9f9f5d79875d28

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 29 Jul 2023 00:01:34 GMT
age: 234547
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1982
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 00:01:34 GMT

GET
H3 200 cta_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 6 KB
2 KB 104ms
101ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/cta_01.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91fa317751bcfa4704a7250e3aa2ee31d471a35d9c52c40ca216b918cb7f6ad3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 21:33:31 GMT
age: 329830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1958
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jul 2024 21:33:31 GMT

GET
H3 200 hg_form.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 503 B
411 B 118ms
115ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/hg_form.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d19f5c23a70a3dbf2e6b06a6f18b44869ad7b93f03812702b2d1826535ff272d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Jul 2023 21:21:16 GMT
age: 330565
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 375
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 26 Jul 2024 21:21:16 GMT

GET
H3 200 hg_color.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/ Frame EC8C 23 KB
23 KB 115ms
112ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12778012691870549939/hg_color.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a680b27abf1fc18387999557e3fc739025bc86fe763fb9d7707d97e88c696a7c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 29 Jul 2023 06:27:37 GMT
x-content-type-options: nosniff
age: 211384
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23099
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 13:09:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Jul 2024 06:27:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9377 0
19 B 101ms
100ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDKYID-vHZLqkHZTLgAOVkpf4Boa0t5xx2a2b2v0P9pX06ckBEAEg2o61hwFgleKQgqAHoAGl4IzcA8gBCakC-EeJzJ1_sj6oAwHIA0iqBMkBT9BEb5AKyBqJ5MlWu9SFBlPnejtc5xl4D90SCZ5nOBWa1l98kxd8gnOVlUxS_K5fwzb3joqNAzMTMVZrpzUckEjqKPwdyjIWclAoMAVLdmFdcVvwyojN2RYJuQmj0rkohyRXa2qA67Xb4yxcH-onBvSjOCVD7kHtjeF__mBKPOXpXG_eglPi9CY6cJabDFt94E5lwhx8jyE-HOtMhM5j6k1myzanKr8USyjv0hpx4T8VoA71pPLKCZmwTh5V79EhRJKTy6zZMzxIwAT6sdjYjQSSBQQIBBgBkgUECAUYBKAGLoAHs5GrKKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEI3JBNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMzYzNDk5OTI1MDA5NjA2NRgA&sigh=47nyXJU5fsk&uach_m=[UACH]&cid=CAQSGwBpAlJWtfRY-Lhl6wG-B23quX5VonUQqYQRJRgB&template_id=419&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 17:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9FE8 143 B
166 B 40ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=280&adk=202424628&adf=4235140782&pi=t.aa~a.3867267941~i.35~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1690823440&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7917813666&ad_type=text_image&format=800x280&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440279&bpp=3&bdt=1698&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0&nras=2&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6dl1E7Xtvk&p=https%3A//oatuu.org&dtd=9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:08:15 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 849D 3 KB
4 KB 330ms
30ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3136
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcDfKI%2Bsv8sMiOj2LVD7TIzfTaM0FAVCw%2FY9ua0aHHqV1fYDB50AtTzhQkKGWonf7DjRYKIhnxgr8gBDzvxYvWuryvBbRrd42h%2Bq7L8ZHuz%2FgwL9TGWhgiOkd2I%2Btfr9KTq5yLGMeBCu3yrul4Udq%2FYR"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7ef774cd8a9ebb5c-FRA
expires: Mon, 31 Jul 2023 16:22:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CBAF 1 KB
643 B 69ms
57ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 15:33:00 GMT
etag: 48472445140208031
expires: Tue, 01 Aug 2023 15:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 frame.html Show response
ad4m.at/ Frame F389 2 KB
1 KB 26ms
24ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 187727
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7ef774cbca6e377b-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Mon, 31 Jul 2023 17:10:41 GMT
expires: Sun, 09 Jul 2023 00:24:59 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sT7AN%2BGZ%2BGnLs00BDjIfeJRk71cAteAtiyemKhUsDjH0tJuDlFUeASnjZwJWFMolOgSnqy719iPJpFmYfdU92UheIJr3F1apgxhiqc8PAOGX1NcO39dvJ1N8fojxbjfuMkF7ppc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7347 1 KB
643 B 48ms
38ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 15:33:00 GMT
etag: 48472445140208031
expires: Tue, 01 Aug 2023 15:33:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D2A6 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 117aab39ff04c222975adaa70525efa823758bd0b249be562aacf3fc7019c127

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1FDE 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3a40b7c9361e1962a9c6379c67be683632b17a580cfef4c1423f31424f6f7b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CBAF
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEF9rjJ2XNV86JCkrwRcxTdM&google_cver=1&google_push=AaAOQGEfuNrhKXUIk7KhJgoORau3Enb74-bEitRiwKZCxCdJ_iihmsNaolT9vBl3FjMeb_IkUo8ez9uLJdLOW1SzudFM5pIfNXN17s69
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzU0MDgyODQ1NzExMTE2MjA5MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF9rjJ2XNV86JCkrwRcxTdM&google_cver=1

43 B
398 B

49ms
14ms

Image
image/gif

46.228.164.11

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF9rjJ2XNV86JCkrwRcxTdM&google_cver=1
Protocol: H2
Server: 46.228.164.11 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEF9rjJ2XNV86JCkrwRcxTdM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CBAF
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN4ydNxQhkd7WxpyvOM9Y7w&google_cver=1&google_push=AaAOQGHnfVpi7pnB0oJdQcvEtZB-4S5lZJt_UqMPqMdrCrZr9ERM7e2Emt...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHnfVpi7pnB0oJdQcvEtZB-4S5lZJt_UqMPqMdrCrZr9ERM7e2EmtFeY125D3zHRYtjfbqyPwAs_O1hPMzFqXD8cfGcRXx0ujM&google_hm=bKwy-D3qh...

170 B
232 B

51ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHnfVpi7pnB0oJdQcvEtZB-4S5lZJt_UqMPqMdrCrZr9ERM7e2EmtFeY125D3zHRYtjfbqyPwAs_O1hPMzFqXD8cfGcRXx0ujM&google_hm=bKwy-D3qh_5NU4n1EvzkTw

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGHnfVpi7pnB0oJdQcvEtZB-4S5lZJt_UqMPqMdrCrZr9ERM7e2EmtFeY125D3zHRYtjfbqyPwAs_O1hPMzFqXD8cfGcRXx0ujM&google_hm=bKwy-D3qh_5NU4n1EvzkTw
pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBAF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESELiw5QCAdn4-LoNS7Q6SXyk&google_cver=1&google_push=AaAOQGHuus3ULyjWSKtP1hFj-Gjm8aZ6sy5BZLFJUM7vTlD6KPokQ7SvRyWOsVjmwWzG3-zMXvfpsK2Nw5FKY8...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGHuus3ULyjWSKtP1hFj-Gjm8aZ6sy5BZLFJUM7vTlD6KPokQ7SvRyWOsVjmwWzG3-zMXvfpsK2Nw5FKY8JKdt...

170 B
188 B

59ms
58ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGHuus3ULyjWSKtP1hFj-Gjm8aZ6sy5BZLFJUM7vTlD6KPokQ7SvRyWOsVjmwWzG3-zMXvfpsK2Nw5FKY8JKdta_MihLmlpQLZcp

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGHuus3ULyjWSKtP1hFj-Gjm8aZ6sy5BZLFJUM7vTlD6KPokQ7SvRyWOsVjmwWzG3-zMXvfpsK2Nw5FKY8JKdta_MihLmlpQLZcp
Date: Mon, 31 Jul 2023 17:10:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame CBAF 43 B
146 B 34ms
8ms Image
image/gif 18.185.50.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPIeJuyQabG0CbBmmSTk6C8&google_cver=1&google_push=AaAOQGGJTTjIv4f4wEOOHAlUQTwAZRZVIpI1lyHoBGJ0C8tdHYy0KnSw0smlEAxD_xdopaxN5lbRONArapQGB7DfaAL6WYTWSiDIsmEK
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=280&adk=202424628&adf=4235140782&pi=t.aa~a.3867267941~i.35~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1690823440&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7917813666&ad_type=text_image&format=800x280&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440279&bpp=3&bdt=1698&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0&nras=2&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6dl1E7Xtvk&p=https%3A//oatuu.org&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.50.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-50-28.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBAF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEN0T8TsX3LXdjIWZYjwjIc0&google_cver=1&google_push=AaAOQGHdR-_juTK2JygyQl_GDgsgPJibYXtEPqPozjmyu96w8J21ho673rkI9FRrNjF5GQNhjbdfdFHf8pTfmc80Y7TO4EW...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHdR-_juTK2JygyQl_GDgsgPJibYXtEPqPozjmyu96w8J21ho673rkI9FRrNjF5GQNhjbdfdFHf8pTfmc80Y7TO4EWadkfD0RUC&google_hm=eS1DV1RGNFl4RTJwSE...

170 B
188 B

66ms
48ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHdR-_juTK2JygyQl_GDgsgPJibYXtEPqPozjmyu96w8J21ho673rkI9FRrNjF5GQNhjbdfdFHf8pTfmc80Y7TO4EWadkfD0RUC&google_hm=eS1DV1RGNFl4RTJwSEYuUVBBMWNmaF84QjNlU0pFOU16Tn5B

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Jul 2023 17:10:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGHdR-_juTK2JygyQl_GDgsgPJibYXtEPqPozjmyu96w8J21ho673rkI9FRrNjF5GQNhjbdfdFHf8pTfmc80Y7TO4EWadkfD0RUC&google_hm=eS1DV1RGNFl4RTJwSEYuUVBBMWNmaF84QjNlU0pFOU16Tn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame CBAF 43 B
362 B 17ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGHERoOAQUergQsjMflnceBctgWJOIqviaXI_Y6112ojGUpwA5Zhso9sNnSjZL5KApbc5Jw86TYSMyIdTFo46s0KrQOePih4hDYx&google_gid=CAESELhxhDD211YFmeV4k4yRfXw&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 246123
expires: Mon, 31 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CBAF
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMRrquUMVs2Te9Us8yIDy6U&google_cver=1&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_dubQFw...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMRrquUMVs2Te9Us8yIDy6U&google_cver=1&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_d...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEwMDU3NDcyMjA2MzcxMTcxNA&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_dubQ...

170 B
188 B

51ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEwMDU3NDcyMjA2MzcxMTcxNA&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_dubQFw2CmtLq75WvGAmionEeldv0XL

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=OTEwMDU3NDcyMjA2MzcxMTcxNA&google_push=AaAOQGHqhpcYLZqYE2YyqqFTiV2F5VcaMF068uF1zDuUOFnTT2FNkKjv23J6PsADrpIMSUt8j_dubQFw2CmtLq75WvGAmionEeldv0XL
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CBAF 0
40 B 52ms
50ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KUDuw_OUmJmATCNKEaqslW7ROBiZbbHZ1GBeefIbYpZyX7yWIGqXDA3VOh0qHJvEQryvjg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D2A6 0
19 B 90ms
89ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Coe-QEOvHZM2qGpClxdwP_tuT-Aa6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zNjM0OTk5MjUwMDk2MDY1yAEJqAMByAMCqgS4AU_QJ3FTOv4f66hBrAb-sFOVYsaVq8lwWkL2GO3gi61jZSX4V78F96kyfaOLQMPE2nxTRaZnqdH1PqosMPmFKP8Em8p-xtWuO4R9b0CNlmoBHwrN7039cjCDFpIpxGgafPs1uW6doRIz8cH8L_OL-cR4MS_kXDPzuggm4ZYEkcEUoyWrnihn0uM_DqxfqZ94-10BdbcwzVoSFRS9PvOuDcTL5hpMQ0KZMBy2KozqqAf86ebWqUzKbSqABvmqpemAx5HlIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNjM0OTk5MjUwMDk2MDY1GAA&sigh=qFBJ1dgzzRk&uach_m=[UACH]&cid=CAQSOwBpAlJWz-m8DHr9bQGOEygCaW7XV8KI5F9nLrvLQdqjQHWnPP_BM6sjhFjZSRWdVVIKXUgqwvZ4xMpzGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 17:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200 a.gif
i.w55c.net/ Frame D2A6 42 B
582 B 290ms
8ms Image
image/gif 3.124.112.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=MEI1RjI3QzFEMTFDMTc1MTlCMjgxNjNGNkFEMjJGRDd8R0ZFNGo2aGJkd3wxNjkwODIzNDQwNTU0fDF8WG1FS1o4a2t0eHxYUlBNSXRvc2p5fC0xMjYwMjk4MzY1X0VYfDU0OTc0fHx8fC4wUHxVU0Q&ei=GOOGLE_CONTENTNETWORK&wp_exchange=ZMfrEAAGlU0FkVKQAATt_g3crWJ8vZJUGDcIWw&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMSMwLjMwMjQzNjU2fElBQjE5IzAuMTQ0MjIzMzV8SUFCMS02IzAuMTQ0MjIzMzV8SUFCMTktMjIjMC4xNDQyMjMzNXxJQUI3IzAuMTA0NTI3OTJ8SUFCNSMwLjA3ODQwNjA5fElBQjUtOCMwLjA2Mzc5Njk1fElBQjgtMTcjMC4wMjk0NjE5M3xJQUI4IzAuMDI5NDYxOTN8SUFCNi02IzAuMDI2MTMxOTh8SUFCNi0yIzAuMDI2MTMxOTh8SUFCMTQtNiMwLjAyNjEzMTk4fElBQjYjMC4wMjYxMzE5OHxJQUIxNCMwLjAyNjEzMTk4&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=oatuu.org&s=https%3A%2F%2Foatuu.org&ts=1690823440563&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=9140384218133024&epid=R0NvYXR1dS5vcmc&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dm=MU1vb0JBMjUzMQ&l=ZW58fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=2&euid=Q0FFU0VOU3lZbTFWemZKLXhTQ3RwYXJCOXFj&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=sZu1fzlh45_-RMljr7gdsQ&buid=Xdb4DXiaK1Q&dv=MUxWSXJn&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESENSyYm1VzfJ-xSCtparB9qc&spidu=GOOGLE_CONTENTNETWORK&pidu=oatuu.org&hmpvu=674305c2-9ac1-49f0-9522-7f29e26e02d2&hmtsu=3&odtu=2&mtfu=1&crdmu=300x600&cridu=XRPMItosjy&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.112.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-112-76.eu-central-1.compute.amazonaws.com

Software

PixelTracking/v2.0.30-785-gcf3d607#rel-ec2-master i-0e54b8051b0b15664@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jul 2023 17:10:41 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PixelTracking/v2.0.30-785-gcf3d607#rel-ec2-master i-0e54b8051b0b15664@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3E86 0
19 B 84ms
83ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNfUkEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLkBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-8rkyT7r32tSSL59vKGFEdbQZIqtlxDu9e5Tpul9uMGP8-V-7LB0iABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM2MzQ5OTkyNTAwOTYwNjUYAA&sigh=U1n-MV6h8yg&uach_m=[UACH]&cid=CAQSOwBpAlJWLlADvGHwVPZ9jFfMmLc8flcz7H-4v8EAiCB9DkOXVzxubAOeJqOr_sTeOx1OEL4i81FhUfPaGAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=76851998&pi=t.aa~a.3734439331~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1760&idt=-M&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280&nras=3&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q3yg7VZiXm&p=https%3A//oatuu.org&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 17:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 3E86 0
103 B 65ms
23ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hkpxs42cbgd7m0re1jq43sf6fsrfqr2k9dpvbnxxtds77gf88g67s4qjyj0bqfyzmn2k9z9j9rpbgrwvgjvjep1abc4tn505xtwwwx4x73hsnaz8bc6j1zjjed2efsyg00mss96gxv9mgt5e6tjmh28acbnb92ctjgcdetm2qv20rnm3a5q96dardt2dcsbq0t9p6pt9s70171zqvgs1ahekcffcz1t0ye05pw355fqs14psmxy9rh7hjm6mq2205mw15fgtd0skzjwxq1qfazem2w9srdxyhn2jagkpe3rzvj4ncesz9hfsa7vpeqrjc44emhhchv3a7fd6dxb3bys1pw9cgdat313ryz977nrtqq0zpey6qc4sye3n9byc1mt28s3a6ybs0r&b=ZMfrEAAGlXcKso2IAA6Q_lU1b3VcdxjApPYtJw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=76851998&pi=t.aa~a.3734439331~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1760&idt=-M&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280&nras=3&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=q3yg7VZiXm&p=https%3A//oatuu.org&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jul 2023 17:10:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9FE8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

54ms
54ms

Document
text/html

2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:41 GMT
expires: Mon, 31 Jul 2023 17:10:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:41 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1FDE 0
19 B 93ms
90ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkOtwEOvHZOWYGruixdwPtZeF2An2yOz8cbzd6MOsERQQASDajrWHAWCV4pCCoAegAeyz8sAByAECqAMByAPJBKoEwgFP0OKSuUgvZW8XdcHNhFShTJFnVbpeePIZOhkxR4fj6RHEkljUcdDGLfdbveBv6VcMIQhIbKusPvAykRMcykEsPWeBDKLvG7Qd-HopdWw2n7QACPUwVi9gnri6NlvGH_c24wSj4eins3vkFEiYoa60a1hfEuAX06zqbsJUMetgoh--OgCH7r_9BEdHOgpacZQ98ENU4hjTnC-BRNR-e7iXEf3JW1MuRMS5uHyP_4ighTrKcLO0L5ghGnWUZB_OT8xQccAE_5XolaIEkgUECAQYAZIFBAgFGASgBgKAB_zLjb8CqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgtAB0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAaIMCCoGCgTDsLEC2BMM0BUBmBYBgBcBshccChoIABIUcHViLTM2MzQ5OTkyNTAwOTYwNjUYAA&sigh=rRiSp3TfCnw&uach_m=[UACH]&cid=CAQSOwBpAlJWUs_9USMUACIvcXZxqfeWhPogYzlXGESDM9aiBFXY_pAStc3FhABiYkaBxYh2lNSbARkpxtt9GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=280&adk=202424628&adf=4235140782&pi=t.aa~a.3867267941~i.35~rp.4&w=800&fwrn=4&fwrnh=100&lmt=1690823440&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7917813666&ad_type=text_image&format=800x280&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rh=200&rw=800&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440279&bpp=3&bdt=1698&idt=3&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0&nras=2&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=4429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=6dl1E7Xtvk&p=https%3A//oatuu.org&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 31 Jul 2023 17:10:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7347 70 B
265 B 105ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESECJWkIBvJspLKFit8GYNWc4&google_cver=1&google_push=AaAOQGHV-Rk79MuhA8spKlo2KhI_FzoNbwC_tDc8hOcSo20xHYS-0QDmKqxrHvr_Dneoa7q-RPmBtaakQIat1Hj-hbC4puq_xhhu5SQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 7347 0
173 B 94ms
24ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESECP6Qybg6cgTn7_haKR0ArA&google_cver=1&google_push=AaAOQGHICZMGDhFRk03WmuAROkQry4YkiH9wMAbseBGvuFYpTWJlvERf377cOlv0bhCLt4MW4vSYDd71MeWelmZIzAK6UhPeKcFURHQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7347
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHS3HhFn2o3KLzwcSxs2sB0&google_cver=1&google_push=AaAOQGF1kCLqzLfJqi0Cf6hfuOzJ9GWnTrJ4krOyOKtBVxAH2vCDqBB-Etv06fZrLIHlQgZV3X2mgaI7-mGHYG...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGF1kCLqzLfJqi0Cf6hfuOzJ9GWnTrJ4krOyOKtBVxAH2vCDqBB-Etv06fZrLIHlQgZV3X2mgaI7-mGHYGq-dd...

170 B
188 B

62ms
55ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGF1kCLqzLfJqi0Cf6hfuOzJ9GWnTrJ4krOyOKtBVxAH2vCDqBB-Etv06fZrLIHlQgZV3X2mgaI7-mGHYGq-ddqunIj1TX3_Zbc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2MjAzMTM4MjQyODcxMTA1Mw%3D%3D&google_push=AaAOQGF1kCLqzLfJqi0Cf6hfuOzJ9GWnTrJ4krOyOKtBVxAH2vCDqBB-Etv06fZrLIHlQgZV3X2mgaI7-mGHYGq-ddqunIj1TX3_Zbc
Date: Mon, 31 Jul 2023 17:10:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame 7347 43 B
145 B 15ms
8ms Image
image/gif 18.185.50.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECiKcfTQgCMZpeeEq2ugAN8&google_cver=1&google_push=AaAOQGHwemE5JDVJB4SW1R0JKYwJGBZ2gpuZADF1fVyrsSb2WV5PCXYGvM4hCnNzw362LmMIjxq34JebqPqoazwhIR0gBULrmsH8vvE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.50.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-50-28.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7347
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFVPp6J3jVGG79J1cHAZjYo&google_cver=1&google_push=AaAOQGFj8i3XOrJSY09GxsWLqfTdUfVaoCPqWWf7AlZDSVuMf15hhZDyqDfToQhBKWBZ19oNEYpOLLum-ugpzHneMFbzrQ-...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFj8i3XOrJSY09GxsWLqfTdUfVaoCPqWWf7AlZDSVuMf15hhZDyqDfToQhBKWBZ19oNEYpOLLum-ugpzHneMFbzrQ-FT9uyIow&google_hm=eS16bWIxQmdaRTJwR2N...

170 B
188 B

59ms
57ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFj8i3XOrJSY09GxsWLqfTdUfVaoCPqWWf7AlZDSVuMf15hhZDyqDfToQhBKWBZ19oNEYpOLLum-ugpzHneMFbzrQ-FT9uyIow&google_hm=eS16bWIxQmdaRTJwR2NFNXR2UFpKak84dlZTUXk0d05IMH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Jul 2023 17:10:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AaAOQGFj8i3XOrJSY09GxsWLqfTdUfVaoCPqWWf7AlZDSVuMf15hhZDyqDfToQhBKWBZ19oNEYpOLLum-ugpzHneMFbzrQ-FT9uyIow&google_hm=eS16bWIxQmdaRTJwR2NFNXR2UFpKak84dlZTUXk0d05IMH5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7347 43 B
362 B 25ms
19ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAaAOQGGJB6Nc0SVhBApsraxirIlUq7fCxZbzKceYAwkRvudKzMpeg2W3oUhlIx8iQfmfG8UPIjwJGSVooHKxUuV785vCVl3dsljJby0&google_gid=CAESEA7uuMygIlpYP89Pljk_4wA&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 167675
expires: Mon, 31 Jul 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7347
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMGLPbIb84Hq_JZWo39XckY&google_cver=1&google_push=AaAOQGGNdZzkkwHoJE4hwMGExJMXMnyeCZCIoct6ZmD93x22wptGN43CYt3QFABEQHgdDKD0cdoL8rt91WbF...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGNdZzkkwHoJE4hwMGExJMXMnyeCZCIoct6ZmD93x22wptGN43CYt3QFABEQHgdDKD0cdoL8rt91WbFLMUpKwp85yLlBmsJhw

170 B
188 B

52ms
50ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGNdZzkkwHoJE4hwMGExJMXMnyeCZCIoct6ZmD93x22wptGN43CYt3QFABEQHgdDKD0cdoL8rt91WbFLMUpKwp85yLlBmsJhw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGNdZzkkwHoJE4hwMGExJMXMnyeCZCIoct6ZmD93x22wptGN43CYt3QFABEQHgdDKD0cdoL8rt91WbFLMUpKwp85yLlBmsJhw
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7347 0
12 B 53ms
50ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kmmdmk81mYWnFJRSPzMPKLubi2WVNpTfvMeYx8_KflzdTF3w5yImkbH2OTLUzF2iYP0QlP

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3634999250096065&output=html&h=600&adk=2072332743&adf=4062780367&pi=t.aa~a.3186878767~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1690823440&rafmt=1&to=qs&pwprc=7917813666&format=300x600&url=https%3A%2F%2Foatuu.org%2F&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690823440342&bpp=1&bdt=1761&idt=1&shv=r20230726&mjsv=m202307200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1d50d67b1c2a0c7a-22d438ca29e30005%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw&gpic=UID%3D00000d34b4b593f5%3AT%3D1690823439%3ART%3D1690823439%3AS%3DALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw&prev_fmts=0x0%2C800x280%2C300x600&nras=4&correlator=8570523530761&frm=20&pv=1&ga_vid=815090737.1690823439&ga_sid=1690823439&ga_hid=1719278672&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=2417&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759837%2C44759876%2C31076088%2C31076483%2C44788442%2C44796632%2C44798156&oid=2&pvsid=1029501597027859&tmod=47417270&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=QQ74Fvac0e&p=https%3A//oatuu.org&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 358ms
40ms Preflight
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7ef774d13bb818c9-FRA
content-length: 24
content-type: text/plain
date: Mon, 31 Jul 2023 17:10:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBYLcp1BNxfLjUgpTh847oN4boYnTWDHnMDrjFbYaJNs8L1daQ36s%2FOFb5r1WMBjezNWjpiNiexpsko6zjWUzYnt4z%2Bj0LB4JWsNxCtAHhrmZF%2BN1FBBOL2Jb51Fvxrn7bHqX70%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-x91n

POST
H3 200 rs Show response
ad4m.at/ Frame 849D 1 KB
2 KB 38ms
37ms XHR
text/plain 2606:4700:20::681a:bd1

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: eb5b3eefb25a6b43dfbb04cd14a33a9a17e0ae37ad53073385ddc3fb0d864d31

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPlHmFF6yA%2FNTpkeixVKKWE78ng5aRbj1TEeAWPPCJ4c0u3YNU3gPTLcvAzDidI%2Brl3ctsGK1a9bjH0pwVtncDePQBtuh%2BxMCoZdaZoRocX%2FyJGtdOwszpQDNrg0KOeEw%2Fyz6XA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7ef774d17c4f18c9-FRA
x-backend-server: aa-reachservice-group-europe-west1-x91n
alt-svc: h3=":443"; ma=86400

GET
H3 200 XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1918 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/XE-eSxg4gZ8v28buoH5xKIZwH3Gkn_IqRFqb49XH2AY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sun, 30 Jul 2023 17:14:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14628
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 29 Jul 2024 17:14:21 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C31A 0
12 B 40ms
38ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1QAOvA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBAF 42 B
64 B 146ms
146ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZpi8Rhm9HBipSNbz3eHomuWzoYc6oRlhIABr18dujlhdRXkHEk749HtVRM_cU4WyqfNaoMt8uMF1VIAVWWv0sPUQSeEzD6x61KsNwCgaw_1CJUw8dxp53tMoRvR3dZWpCvItk-cMCxdo2&sai=AMfl-YToJih4moWAPwTv1zuKeGkzV9SI4Z9VQ5s1rBaZMtLVmdsCtrixYPZYRyz0SZ7XvhMT7FSU0Jp-OqK8&sig=Cg0ArKJSzPV84RB9aW1HEAE&cid=CAQSGwBpAlJWtfRY-Lhl6wG-B23quX5VonUQqYQRJRgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=331,965,1002,1002,1002&tos=331,634,37,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690823440421&rpt=685&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rar Show response
as.ad4m.at/ad/ Frame B71A 10 KB
4 KB 38ms
38ms Document
text/html 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c05f45ecf9a93baaf96e3f3cddf2b8637c572ed4a08daf089b832199fe41104

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-src ;img-src data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h7ge563djadg64gx04p8s0hnmvdnwwyn96eahdqk2s7ef2gn9fm77bczvrtvqwjvm2daezj40ayzbqxxa33jyjasrrpjz0xzzntx7jr652m038sejkc9tzf55hv8gcabc90yng3vb7rszfaw3jcby0fermbr8jqvp12ckp6sm5xd76cq10z7ce798zvyawvqw9ej57f9j2z5w1sw0f21h7vtwc4jrjjffxshhz21spv2jvarf054m5q2svgp5qdqb30vv19b5b2x6n4pna73w2d97vq8rzrttrhqqjkjxpsd48zvg811ytdxqp14n9fkpg13tn69bjyde4y1p8tq4xr8w1pbyfmwd77c9mvh0gxppj887vs6bvpcaqefn7ra0f84cmfs9gp3kvdbfrm40jmytqwn6xwzk1kdb92ahr5spee6s3k7zbt38stn24g744mzgfs1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%26client%3Dca-pub-3634999250096065%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ef774d1be1d377b-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 31 Jul 2023 17:10:42 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9377 42 B
64 B 147ms
145ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbJ62-b6oHjEHI2WJIM2D20hUtj01jK1NwSsDtTqjaD87u6DfS7kV2RAKpHOEXnyMbcV3DocPnRMyT4lFB2uVJjoGaoSLzeb9KCaVEIP39Tlvw4zKMY1Q6aOiklfFzczI1w6bN4INBPueo&sai=AMfl-YSWFn_TYe5K0-GvPdgv3JJEQN__dJiKSX2Bo5T8iO1MI0qnNryJPSKv8rXsyl96ZXcEClIqVJ3TpTI0&sig=Cg0ArKJSzPJDzaQMrqroEAE&cid=CAQSGwBpAlJWtfRY-Lhl6wG-B23quX5VonUQqYQRJRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230726&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690823440555&rpt=369&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jul 2023 17:10:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 144ms
144ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=1029501597027859&bg=!sLOls-fNAAZGOVy5Zjk7ADkAdvg8WqD06NN096kz0kfX8hOiz0_ZhetjQZWtf0lbteydsZfivwk7BkfCVraH3rIjc0Xw1dJ-Ca0CAAACZVIAAAAUaAEHCgAeqF_x3w3kFLEJlC4R4Of2-oXQzp8nAcUsk0xQDwPXmQKmI3-Igmq6iUPxJqY3mZgyo0d-bqQYn8Hf2n1Uw1lQx7-CCt58q5O-zo4H7G3ZdcIEZmP9D79Uqk-UDAOQ8SBNwuBaTAQQMfsjT-ciEhK6ep6oEsc0wYW6RE0I21qll934H6PdO47wlZmUxui8DI1ijWSePlu5tinms8uFZCY3Vbadvni2_VuQHY4g2l68yvFqC5gL3X_Hc7SBky9_kpcfsLiBgw5i_KaIwF08we53hIlOjXQYdYcYWqga7ylIimiTjmHtQu9FkKBNSIl7X4xqvhLHUvpGKMRuJIQiMB4HQat8DRyzMnPcfU_S4BTlgzry5KlfPZraQUmvW5dQrI07Xzwt7wgf7_kCV1UvORGaMevvZoQeCG5emKIG4ql9_zdlzSdOMf6ae1lksWyiPkApfCuALMF93omjTpGl7kFLWZZHm9h5__YD3M5YjnmxwT3v22Rb7fD_tLLRe9yNGNjK559EZ058z5OSqsfE6mDObN7-A1uth69DmMflRUv8wvZpekxgjfMX9wPPstfAJrNZLX_JK_higYcvrtIadS5zAAcx91R3bwXQqYtGIb43Y2xphI78ZSSNrER1bd_LO52yJyW9UPS64DJzM3iSW7bjakQIEMSGfkAYNVJ3oejAAaQ51MmUwf5ahYjjXDzgvgMHpAwfapM3BwZlRv8WAd_Hr2iMoVYhzlE8tgvEp1sNpAMmEvoRjIeur6qS1_STzN-21JS2tqs3NdrnIRAXGstinFJ-bG59XKsqNjMP5o3UV7NwERd1HVO0SmN_vyYWwD6oGT6ZvIEquqkOZTh7Wa37qyg9725gfWqxPevZVTRhmoHtje_Z17PdEMDdugEQKuRtGpyvuacKNTO11KrjLz91WPgd-sB-xJFepe5xkINDrOAF1tMkhWam
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://oatuu.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame B71A 114 KB
14 KB 22ms
22ms Stylesheet
text/css 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 453454
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUxw6fvI0%2B8Qp2wxgXVBNDLSJUBYg2hjUHpYPH0BZMPRKsMJr7%2Bjhs1fM%2ByaDku7evLJ%2BiBM1ZJ1jveVpDA0e7reqSOlT7Ms%2FHzMpyBiE8wyFBP%2FysAMLJREXgPv3BRVEz%2Bc5ZfN7sI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7ef774d62efe377b-FRA
expires: Mon, 31 Jul 2023 18:10:42 GMT

GET
H2 200 AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
assets.ad4m.at/logo/ Frame B71A 32 KB
33 KB 50ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/AC50ED06D6B01579BBF8202CAC1E2BC99A8C4EFC03AE0DB29DFC1BDB2F82E09188D30122E09EB7D91DC8B3182DA9DB4A5BED06E4BC2B9D6F0CA2AC61EC267111
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 137953
cf-polished: origFmt=png, origSize=60352
alt-svc: h3=":443"; ma=86400
content-length: 32982
cf-bgj: imgq:85,h2pri
last-modified: Fri, 28 Jul 2023 11:40:29 GMT
server: cloudflare
etag: "0c5d451d92738dcd96474c734dc5b7c8"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GOCYvevNzAV8hjBC4Zw6uLTA2lB4yz3EAVXjIpN5QAbKTYUrDGI6fSdimdi%2Bokol8FyGvbwjzCsaK3wvwIycPGxZIsnFWCkJzE1iLInfSJhfeAgHROQ9Jv9aGTMEPqymgT3vELkWQ5HETuG6"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ef774d65f3f377b-FRA
expires: Tue, 01 Aug 2023 17:10:42 GMT

GET
H2 200 A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
assets.ad4m.at/product_image/ Frame B71A 54 KB
55 KB 30ms
17ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A36DAD0D440985CF6ABFA23492945CE5BC6D94350A66B19418CB771AFE823AD9B48ADE8E2F007546F0A50A710172EEFC2CAC1468E38852CE2028C22592AAFB75
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2209453
cf-polished: origFmt=png, origSize=105738
alt-svc: h3=":443"; ma=86400
content-length: 55786
cf-bgj: imgq:85,h2pri
last-modified: Mon, 04 Jul 2022 08:55:40 GMT
server: cloudflare
etag: "147be38db57f89c69c9e65b05983ff0e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mRDALt3Zlkpy%2BQCTBi7th%2FKI6m2l1dpi7RcFPJw1qJ7pdIcyEtFT%2BJwavnz9nZ1YAEG%2BUv2X1jOILuca3Dv7uANXf3z0I0TLsSYpVcSFzy7eGRy00r17ORbaddta5n3Nk46OyPIEWP1iJS1i"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ef774d64f39377b-FRA
expires: Tue, 01 Aug 2023 17:10:42 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame B71A 44 KB
44 KB 38ms
26ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1195027
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nwIPOPxMISfWOnX3oH4KAnfrEHgk8VKeQm%2BN6aj%2BB7neHH3hsG49fuXC3E1Ui3771T3fT4ET4gSig3awndG3Ui2Yeia7dKrSqYX8DBi%2BEgjTDA9Tyk9mvxAC%2BqOBNrmaSb7HX1Zj9c%2F7K6dt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ef774d64f3b377b-FRA
expires: Tue, 01 Aug 2023 17:10:42 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame B71A 699 KB
701 KB 33ms
21ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 418554
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cidNyWno07mNVY8zX9vttpsyVZuQF2Ma1%2BSNbLar%2Bzn30T6icWhtKTijfDoV6ogQLmoAlZokxAkbMJFFTDs3PfI91XCRO9ugKXIXf8kAVEMSFXI2kwuGAH2FskqdTYZV4kpX7BeDsTOfuFEw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ef774d64f38377b-FRA
expires: Tue, 01 Aug 2023 17:10:42 GMT

GET cshow.php
www.awin1.com/ Frame B71A 0
0

GET
H2 200 90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
assets.ad4m.at/logo/ Frame B71A 36 KB
36 KB 52ms
40ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/90E11D2E4CFB32857DB7C2E1317DD53401EA4F6F6F9CD68E6E871CA9D0C876402E8B3C561F20D09E5FFCF6D6F6634B28F60F47276020F60158747BE09B58F826
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1994795
cf-polished: origFmt=png, origSize=62828
alt-svc: h3=":443"; ma=86400
content-length: 36446
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Oct 2022 15:02:47 GMT
server: cloudflare
etag: "e12c1a9f1887c09d377658838eaaa06d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F84jsdhpfwAl6CUqdX%2BpD%2FYXKFM9GSoDhM4agLHwQ2Tc2Lm4TPFWh438nRMryyRu2aORyIF0a4a9QjSweEav3Sqh9VuFMsBRl8YPfeASmov8lUpahKD1sfjox7BEkKlqDIONeFQVlSzswq9E"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ef774d65f3c377b-FRA
expires: Tue, 01 Aug 2023 17:10:42 GMT

GET
H2 200 287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
assets.ad4m.at/ Frame B71A 28 KB
28 KB 32ms
20ms Image
image/webp 2606:4700:20::ac43:4a81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/287435BEDBEF5210566F91ED2E6D57494D1CBA241E887A111712FB8ADF6747B3B44CBC7EE390AD74BB6985CDD69339A9B2EDEE7334ACD70F503D0812F8C7EBF1
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:42 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 589650
cf-polished: qual=85, origFmt=jpeg, origSize=133780
alt-svc: h3=":443"; ma=86400
content-length: 28740
cf-bgj: imgq:85,h2pri
last-modified: Tue, 18 Feb 2020 10:22:01 GMT
server: cloudflare
etag: "d061ca155f758f490340e147604dc3ee"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mCe5m3zpeemTzw6mL4j17u0lbEXNbCZ4pTI8z%2FITtHfhJ%2B5aUFj91tbl82JsuLlnfKgJ1qyWUJiRgOADjmv5ZsNA0X%2FUBThHDGFkpR%2FSq8jRbdPV59ZCX3wRMCeUDL%2B78Vp6n7peJn1JRA0Y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7ef774d65f3d377b-FRA
expires: Tue, 01 Aug 2023 17:10:42 GMT

GET cshow.php
www.awin1.com/ Frame B71A 0
0

GET
H2 429 link.html
track.webgains.com/ Frame B71A 0
0 394ms
25ms Script
text/html 18.135.127.129

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jh99at8vwkcshf3h6y1wvt4r364jc732a2eh0j9rtyr9bqfqwqzefxa4gt0rkrn3y87ygh03fdfdn70k2sd9nzv70zdv1p1ppetm45p7w1naj30a5gq4tpy17nbz1vfrk1dq3necw3r14p0rw7cpkh0j55t1h75qeqysyzserhpxgtek90wywrpdyxm4a08ee3ecatq8h6tcpgt3vn2ya02wxxbzb691w5hn956atmdsknqhcqm8taa1tbd93y58qt0r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%252526client%25253Dca-pub-3634999250096065%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.127.129 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 17:10:43 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.awin1.com
URL: https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Domain: www.awin1.com
URL: https://www.awin1.com/cshow.php?s=2531885&v=14702&q=365825&r=412871&pv=1&pref3=oneid8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6Aoneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.oatuu.org/	1970-01-20 23:01:59	Name: __gads Value: ID=1d50d67b1c2a0c7a-22d438ca29e30005:T=1690823439:RT=1690823439:S=ALNI_MaDJbualFQCt2O0Mx4YjSKDf92Xpw
.oatuu.org/	1970-01-20 23:01:59	Name: __gpi Value: UID=00000d34b4b593f5:T=1690823439:RT=1690823439:S=ALNI_Mb03PC-y9t69B01HCvfyuxM8sBKXw
oatuu.org/	1969-12-31 23:59:59	Name: _color_system_schema Value: default
.doubleclick.net/	1970-01-20 13:40:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 23:01:59	Name: IDE Value: AHWqTUlRaO31ihue6XuLOtD1x64TSHmeIpCu7HAwHUMw0SIrTgIsD8Yh1J_EgIpQqq0
.hspvst.com/	1969-12-31 23:59:59	Name: VI2677 Value: %7B%22time%22%3A1690823439%2C%22utid%22%3A%2257d5f3eca0a2206c7919b586ee3fe82a%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/	1969-12-31 23:59:59	Name: VIP2677 Value: 1
.adsby.bidtheatre.com/	1970-01-20 13:50:28	Name: __kuid Value: 71a8fe8c-a50e-412f-889b-25f525603fe3.460037441
.rfihub.com/	1970-01-20 23:01:59	Name: rud Value: H4sIAAAAAAAA_-MSNjYwNDQ0MTUzMjcxMLIwMrAwNRbiM9Q1q8x0zax0j6wqya0CABjhAAIlAAAA
.rfihub.com/	1970-01-20 23:01:59	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA12dc8w9ws3SzRO83EN9bQ0zXEJzsosiQziNTSzNLAwMjYxMTQxMX7FiMoHAD2N2jg9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dc8w9ws3SzRO83EN9bQ0zXEJzsosiQQA2T5N4x4AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjYwNDQ0MTUzMjcxMLIwMrAwNRbiM9Q1q8x0zax0j6wqya0CABjhAAIlAAAA
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.quantserve.com/	1970-01-20 15:49:59	Name: d Value: EH0BCQHMKYEA
.quantserve.com/	1970-01-20 23:10:37	Name: mc Value: 64c7eb11-70acb-b767b-3c5bc
.zemanta.com/	1970-01-20 22:25:59	Name: zuid Value: -3zjMgBaQ62tGRYFmHaG
.linkedin.com/	1970-01-20 22:25:59	Name: bcookie Value: "v=2&16ddd3ef-dc70-4d71-8205-27e1cee5963a"
.linkedin.com/	1970-01-20 17:59:35	Name: li_gc Value: MTswOzE2OTA4MjM0NDE7MjswMjFAIHE9Mn6VJcNBmyTIDyoWyHYUxXi/MGfDFdjI6cesOQ==
.linkedin.com/	1970-01-20 13:41:49	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2981:u=1:x=1:i=1690823441:t=1690909841:v=2:sig=AQHuzILkhrxYpzB4yrUZI0_Xw-JcuhZw"
.gonet-ads.com/	1970-01-20 22:27:25	Name: pid Value: Njk0YTJjMjk3MzRjN2M4Mw
.adfarm1.adition.com/	1970-01-20 15:49:59	Name: UserID1 Value: 7262031382428711053
.yahoo.com/	1970-01-20 22:26:21	Name: A3 Value: d=AQABBBHrx2QCEE2KQoASdNVaJRI8JjKfVn0FEgEBAQE8yWTRZAAAAAAA_eMAAA&S=AQAAAhiQmxSPcluTFl9cJKuK3fw
.blismedia.com/	1970-01-20 22:26:03	Name: b Value: 64C7EB119B39EF953585C71BBLIS
.w55c.net/	1970-01-20 23:12:04	Name: wfivefivec Value: CLCBZOcF1QqwpP5
.adform.net/	1970-01-20 14:25:01	Name: C Value: 1
.turn.com/	1970-01-20 17:59:35	Name: uid Value: 7540828457111162091
.adform.net/	1970-01-20 15:06:47	Name: uid Value: 9100574722063711714

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://as.ad4m.at/ad/dr?ed=1h7ge563djadg64gx04p8s0hnmvdnwwyn96eahdqk2s7ef2gn9fm77bczvrtvqwjvm2daezj40ayzbqxxa33jyjasrrpjz0xzzntx7jr652m038sejkc9tzf55hv8gcabc90yng3vb7rszfaw3jcby0fermbr8jqvp12ckp6sm5xd76cq10z7ce798zvyawvqw9ej57f9j2z5w1sw0f21h7vtwc4jrjjffxshhz21spv2jvarf054m5q2svgp5qdqb30vv19b5b2x6n4pna73w2d97vq8rzrttrhqqjkjxpsd48zvg811ytdxqp14n9fkpg13tn69bjyde4y1p8tq4xr8w1pbyfmwd77c9mvh0gxppj887vs6bvpcaqefn7ra0f84cmfs9gp3kvdbfrm40jmytqwn6xwzk1kdb92ahr5spee6s3k7zbt38stn24g744mzgfs1w&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%26client%3Dca-pub-3634999250096065%26adurl%3D Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://ad4m.at/r62eglto.js Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security	error	URL: https://as.ad4m.at/ad/rar?a=197862%2C14019%2C19769&b=Rx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZ%2CRx3HgfQfZx7TkHwH3tQtdWgf9SzTYMAhB3zZ%2C8R3cDf8f2qZfgHJHEtxtkZEhGSwTpQZtbw6A&f=QxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5%2CQxWH4fjfbV7txH5HYt9CZekh6S4TGD4HEzJ5%2CZxqHwfBf6A8UmHDHDtDCJQ2a6SXTQRBuY51p&c=160&d=600&e=&g=293cd94b600d34d2205de1c34cd031c7%2F13338568988728896521&i=71725%2C21596%2C21630&j=21%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1690823442138&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%2526client%253Dca-pub-3634999250096065%2526adurl%253D&y=1&s=&z=0 Message: Ignoring duplicate Content-Security-Policy directive 'worker-src'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3641431&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jh99at8vwkcshf3h6y1wvt4r364jc732a2eh0j9rtyr9bqfqwqzefxa4gt0rkrn3y87ygh03fdfdn70k2sd9nzv70zdv1p1ppetm45p7w1naj30a5gq4tpy17nbz1vfrk1dq3necw3r14p0rw7cpkh0j55t1h75qeqysyzserhpxgtek90wywrpdyxm4a08ee3ecatq8h6tcpgt3vn2ya02wxxbzb691w5hn956atmdsknqhcqm8taa1tbd93y58qt0r%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g1kgac58shx4767wx680dbc68ke69yawdc34qfhg8stqtk2adj2bqzwcnrv7m6wgp07yn21xp1wxqcbs8fe1jf5hdqw83ph2k5y2j6ct6zd6wqz87ymtsqjg539cpvn8j813tvwx8hp5h1e20qmne6yr6wzhy3tgkbkr1et9dnsha21c73jwmz1jmf95n6v5edp1g9ymv730hzy8g0heqr80htg2xcn8jqktcvhe9dgax17kmzbqqg04ycdy3e1qamv0t7fabepch49483r5fyd%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCImntEOvHZPeqGoibygX-obrIB5DhgYRctqjCivACwI23ARABIABgoQKCARdjYS1wdWItMzYzNDk5OTI1MDA5NjA2NcgBCakC-EeJzJ1_sj6oAwHIAwKqBLwBT9AdcnMcCfsES1GODxto3FuqYfCdSwLJEm4woOndg86GSi7eZ71PN-9USsUWyqpXgcibL9kw_G67KpEncrYkJ36rUAnf5xQxchy0VXDv2_e9dcUkLjqOkBrjJZ2_8ua2Hq4mCpTLCSlcJ6sPDdwBSBJVQK-KuD2kKWUQ4Jw7T_9U1fqsOOUr3uoMU5TLPzRuQO-87E6yfGoPMmRDYJNcwhiPnz9coHR7IPeDZfgnBSMYBtMmgjJUR4D-xVWABvnEndus88zewwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_3HWP8rXTGZ7HPfkcIClpkYKBPV6Q%252526client%25253Dca-pub-3634999250096065%252526adurl%25253D&clickref=oneidQxWH4fjfP93YUxH5HYt9CbqrpT6S4TGD4HEzJ5oneid__suite_Netmix_Reach118_EXTRAPUSH&viewref=oneidRx3HgfQfGPqeUkHwH3tQtw2A7u9SzTYMAhB3zZoneid__suite_Netmix_Reach118_EXTRAPUSH Message: Failed to load resource: the server responded with a status of 429 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
ad.turn.com
ad4m.at
ads.w55c.net
as.ad4m.at
assets.ad4m.at
b1sync.zemanta.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
cti.w55c.net
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
googleads.g.doubleclick.net
i.w55c.net
match.adsby.bidtheatre.com
match.adsrvr.org
oatuu.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
px.ads.linkedin.com
r.turn.com
s0.2mdn.net
static-de.ad4mat.net
sync.gonet-ads.com
t.hspvst.com
tpc.googlesyndication.com
tr.blismedia.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
www.awin1.com
142.250.186.162
15.197.193.217
154.58.197.185
159.69.15.250
172.217.23.98
178.250.1.9
18.135.127.129
18.185.50.28
188.42.105.236
193.0.160.130
2600:1901:0:76b9::
2600:9000:2104:8000:3:4706:a6c0:93a1
2600:9000:2491:f000:1b:f040:3600:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2620:1ec:21::14
2a00:1450:4001:80b::2006
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a05:d018:d29:3605:772d:4ded:ba46:e399
3.124.112.76
34.96.105.8
37.157.6.243
46.228.164.11
51.89.9.251
64.227.64.62
70.42.32.127
85.114.159.118
91.228.74.208
00ea45d07c8a1aa90a93c81fbc5e13b4b2bbd90fd0060247a6cf3bba348b73f8
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
08c6618d143dc10d1fc61ba5ad62a51fab0d514030a0b699d38bfcdafe992f7d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
117aab39ff04c222975adaa70525efa823758bd0b249be562aacf3fc7019c127
12cb675023716d6fcf98abe5dd732eec1ff8c62d967e396df17537bb3a174165
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1bd0459d68588e32cbdb48fb00c89ac32c94ad56345bcf4c25cb7cb078b37a88
2b46798c8f3e473da6f45fd3b51bebe0f3cac46182bb49caa9000086afd33d88
2c0dc9de4234e0d540391b0814261d7d71c5f60a679fffa7cdc697bbfb1e079c
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
312114499c9ee55a86d7b541d9335bf9871248362dcc40acbd44663a2daa2bc6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
371ae72844eb406e215e0b62864935f8539f7b8b1afa9a589cbf5048f25ce4e4
37217cfedb39356d2a0fd317e4a8ee87d225f4364e3afc7473ab5a8e7d97ec64
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d74aa15684dbebfdd8d4cd6813e443406c3e7de42d2f5bc12a79e60af627b22
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4938ae629cfe26eaeb48f79a64d380e0f2f29a63b0cf0c98ef4dd19039ed3d81
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fc31fe542c5c2a52cba77af755a57f4581d7cb69644d595530ba940a5d9b1c7
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
541fb110d3896cc361dd08f655c22accc06bed9c580cc3367e3ef09deff5503d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a17a336308d9f6d92919a781323e303aff44415f1ebe84adc30d865aaf4fcd
5ac477d8785a4c9ef373969dd3f047e310bfb60d77bc518593795177bd131227
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
5c4f9e4b1838819f2fdbc6eea07e712886701f71a49ff22a445a9be3d5c7d806
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f68209356839610d4b9bbf5a522130858fb1c1172a4f72fa76406f4ecb2f650
6190e10eab07f81bb062f01927d03bb513044aac255fcc4008927297dd6863b8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630ac4e1f57654d1b617f454e401526e56b8dbae8f27786b7e152c25208dfd1f
6415839d0c8d17764442e6c48cbf59c6ff9d727b5d098f7df7f215bf14f8e0da
65d62be141d7ac3ea31e29a9e23ad24cd562c93f8aa7c12c916a70e77880123f
671109482151e1dd0e4e1cd6b99f02602cf0fa90e857f134ffee045a82cee848
67e271d0640f6aa7fa8d212a40ea4a6cc5d3fef387aa05050b9f9f5d79875d28
6a2ff37cdb0fa1f0bf2f3d3832455e1730f1253e9d7352cc5697e16af03023a3
71080af6c05c7861fd4e9899d5702c956af710482687ef7ef47e510524d80ac8
7517798bcf7c566d04e64ade89152a78e760cdf91c4ee1ccc78c6fe291b647b2
75f54230555d30c4d0eae3e6d07cec3e278d8b2e89e57c37a7740fa3b66a0565
7c05f45ecf9a93baaf96e3f3cddf2b8637c572ed4a08daf089b832199fe41104
861e4cd27539274eedfdd65212a140a4c7ccea88e004d23f5234e4db48bc73ae
8981d6057e1d3ec281dd1a03e023e1a61465a2e3b31170bc31f40def12e9b547
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
91fa317751bcfa4704a7250e3aa2ee31d471a35d9c52c40ca216b918cb7f6ad3
93028274da1d373cd41165f6a442568ddd482370e8093e45d14a4ad0f6981f19
94a8263818c4f334dfaa61597db2b0cacaa6b32cf49b5971054c2d01a5ec070d
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
99aca0ded905748ef672c04dcc995cf80b27947c8169f68852b17c4a3445d678
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2b9eefee68fa18c6be3c3bbe11d769b5affc01b84ea94c7ec68ae4ffacd858a
a680b27abf1fc18387999557e3fc739025bc86fe763fb9d7707d97e88c696a7c
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abdd72ab7cad073d9ea4bae38c13ef78542f612c293b80665c374bfbf41a86f8
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b6c98830eda91aabaa34aa286c07b90ac239a8ab887430430d070f1e87f22b96
b6f01e409bcd286fe55e33734621ab375cd96c7f4d5586688c6e6bee4efd9908
b7c2f10c04a8c2165c222854b30d46301a1e0b6b22b3ac971fb29554ba0cabff
b861ecdccefc2537f81bea156260e8fc41ed849f8c937dde26fc0cf1c5ef5b25
b8a4edd9fb9ea9ec29d808c785e14013fd209692a4d7e4ce896ef67148c6c37d
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
c3541115844fb4cdc980c1966cd24e21323379968bdf89164d416a65fd4a4df3
c7f57f8671ee2aff1234cee199a90f523f7584a2181162d3241af4b1044ad78b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19f5c23a70a3dbf2e6b06a6f18b44869ad7b93f03812702b2d1826535ff272d
d4d75a13863753d7b0e866540e731e6bad11a7c55b1715ee88fdfd50209f96d5
d5334ba3a0c967b6606b090ae1c583eb9e93c53d59f63f8f716897fe3f63c184
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7aa97ad2d957155872d77a60dd07a499b4b261bc34e2c3f931c18cc692c708e
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
ddb53616b4275551ae84ddd5fd19a2ddb36108d2a308b5c83c344cb6926ed800
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e944aa2add7d89134400d6d51b9b0954ad0e988edd934eccff8907ab90e1c853
eb5b3eefb25a6b43dfbb04cd14a33a9a17e0ae37ad53073385ddc3fb0d864d31
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a40b7c9361e1962a9c6379c67be683632b17a580cfef4c1423f31424f6f7b6
f4ba5eb6cc7a3d9398ae5b340d76ef7eb6142043681101511e588b55db0b434c
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

oatuu.org Open in urlscan Pro 159.69.15.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

144 Requests

90 %HTTPS

46 %IPv6

30 Domains

38 Subdomains

27 IPs

9 Countries

2535 kBTransfer

5077 kBSize

27 Cookies

1 Outgoing links

Page URL History

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oatuu.org Open in urlscan Pro
159.69.15.250 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

90 %
HTTPS

46 %
IPv6

30
Domains

38
Subdomains

27
IPs

9
Countries

2535 kB
Transfer

5077 kB
Size

27
Cookies

144 HTTP transactions
7 data transactions