urlscan.io logo urlscan.io
SecurityTrails logo

x.gd Open in urlscan Pro
104.21.46.170  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://x.gd/uKjYZ
Effective URL: https://x.gd/view/unsafe/uKjYZ
Submission: On November 29 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 14 domains to perform 94 HTTP transactions. The main IP is 104.21.46.170, located in and belongs to CLOUDFLARENET, US. The main domain is x.gd.
TLS certificate: Issued by GTS CA 1P5 on November 17th 2023. Valid for: 3 months.
This is the only time x.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    104.21.46.170 (None, )

ASN13335 (CLOUDFLARENET, US)
x.gd
1    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
20    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
6    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
13    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.49.14.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-14-41.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
5    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
4    37.252.171.52 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    74.125.71.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wn-in-f157.1e100.net
bid.g.doubleclick.net
1    2600:9000:26da:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
7    2600:1f13:800:7780:75a0:bfc8:b85e:403 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
6    2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f6.1e100.net
ad.doubleclick.net
1    2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
478 KB
21 x.gd
x.gd
437 KB
13 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
ad.doubleclick.net — Cisco Umbrella Rank: 154
115 KB
10 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 898
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 570
176 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
227 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
3 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
3 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 gstatic.com
www.gstatic.com
17 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
128 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
90 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1329
617 B
94 14
Domain Requested by
21 x.gd 2 redirects x.gd
20 pagead2.googlesyndication.com x.gd
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
fw.adsafeprotected.com
www.googletagservices.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
7 dt.adsafeprotected.com googleads.g.doubleclick.net
6 s0.2mdn.net x.gd
s0.2mdn.net
googleads.g.doubleclick.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
2 ad.doubleclick.net x.gd
2 www.googletagservices.com googleads.g.doubleclick.net
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 fonts.googleapis.com googleads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 www.google-analytics.com x.gd
www.google-analytics.com
1 www.google.com tpc.googlesyndication.com
1 static.adsafeprotected.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net googleads.g.doubleclick.net
1 www.googletagmanager.com x.gd
1 polyfill.io x.gd
94 21

This site contains links to these domains. Also see Links.

Domain
chrome.google.com
Subject Issuer Validity Valid
x.gd
GTS CA 1P5		 2023-11-17 -
2024-02-15		 3 months crt.sh
polyfill.io
Certainly Intermediate R1		 2023-11-12 -
2023-12-12		 a month crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 14 frames:

Primary Page: https://x.gd/view/unsafe/uKjYZ
Frame ID: 1963999A738F69850A4FC1583946FD70
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: BFFA6BAC2EBF9D2B760253E1FCD5C4C8
Requests: 1 HTTP requests in this frame

Frame: https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Frame ID: 7BD276B97203CE01AE401A01FF4B45CD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737572314184878&output=html&adk=1812271804&adf=3025194257&lmt=1698861228&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fx.gd%2Fview%2Funsafe%2FuKjYZ&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701280919493&bpp=2&bdt=1942&idt=193&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1304346322017&frm=20&pv=2&ga_vid=22935211.1701280920&ga_sid=1701280920&ga_hid=501539597&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072%2C318512601&oid=2&pvsid=3470962893984195&tmod=1138369243&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=201
Frame ID: B87D3C99C3E5BE143DE20D9B4A87DFFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 43AF28B7C1D804873E7A367E6AB66F63
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5D155992DACAB1EF5CF6FAFEFDC7438E
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjMrI38ATAB&v=APEucNUQ2B7yPLsVKyljFpSNcbFRnjSvbMh405uBv0CFc8KQvFj2GPtmsCW3xQITTSWFFRFyhg37o_8y-IqQ5rUujr5sMivpY2cSyDWci0s0xXGhPRI-lmbbxuNmG4JBgSVZNaCY8aK-qwkIDXWxVmDAKwnA_r1HmMf8QjGxuIwDtesaiFMVVbg
Frame ID: 048714099779A383A7C297C658419115
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%89%E3%81%98%E3%82%8B
Frame ID: D7A930F96A8B0E3C06AD2ED2639CD531
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 6A556E532142DFB9A763CFAA0A6967C7
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 033DD67604AFFC2EAD613170D5DDC8F6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7878AB774C332A0DEE924BB138185BDB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
Frame ID: C5A1587260A3C7D269A775B5446A1FDB
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 144C648690FF7F5CF61933F8ED9983F3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 480B5120BF86295460701EEFDA89E331
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Warning | URL Shortener X.gd

Page URL History Show full URLs

  1. https://x.gd/uKjYZ HTTP 301
    https://x.gd/view/unsafe/uKjYZ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

94
Requests

94 %
HTTPS

67 %
IPv6

14
Domains

21
Subdomains

22
IPs

4
Countries

1834 kB
Transfer

4593 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://x.gd/uKjYZ HTTP 301
    https://x.gd/view/unsafe/uKjYZ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://x.gd/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Request Chain 51
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1&C=1
Request Chain 52
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWd8mf7HjmhBkNhuO1fuGgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1
Request Chain 53
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHi_Pm9Nl5V4kghcvfs_Ufs&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHi_Pm9Nl5V4kghcvfs_Ufs%26google_cver%3D1
Request Chain 54
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NTc0NjUxNzY4MjU3OTU1OA%3D%3D
Request Chain 60
  • https://fw.adsafeprotected.com/rfw/bgd/1474271/76103299/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvtaTUAsx8VNnWEoS1yg3zdA8NofVHoeoqIBxs1MF66460B4SOMTXUSTFsEMqgG1j0IJQ80_QuzVIDLwgxSahgBNsssnYihziDnQ38SyRUAoCZ_4GSpQ4m-hvMaAZakG8oF-Rab1wk9E-1kE40-Is9K1HYwmAPfKpQGr0ycj1GBsxqAc-WcU7ualDV_yci5repejFkBeE_fcVb3RckBk_neuugC2e0UCqoTeBsepPRL4tnEZi4Eu8XPnfr42-0oeb_r0VqKXQSLGwjx4_czIOrqyXBgtKf0haSjfkRzZY_8vObvwVe-gxPNNcs1sKngAd-uwzqDdXmGZzv7h7W1g1XaQwaFA_s4EtEOZDSohV6g_z1_XkEaD0H86nmhXdXvslvmy3ZXIeeknMzx1Say9w5F5MSpOQK1dAMmlNPZ_-xKWb6IJq_c5XNB5Dju-yYTMjY-hSPOl_ub0HzYW7iHtQt91cIl_vAKHoM_5ZfQWm16vwXeK8a6SuM3tjvRNsa6ixUxY95kXDn6PJ3ZSN8AFT3pZJtmY4Es8deGAiRgjpNZBohsSPkUnar3jD5X2lLhH6dsm9a7moqi15xSvDHfXnTPMD9w4k7WVbo1Ypyk8rwcuQ676ID-45TeQF51YLcHexQr2y-Yj4lzv0OdjWVcgDUkGQek1NhpoReggDVu5tJF2LJdOMjJVymt6_PQInw2dkO3WPp3ETwJowViKDIGXSJ5yujgIQb2W2-zsHo-oTdGB1A_KcPZ9cERPiRawfOLV0gW9FxwukCEOtLKlf5xZImY-yZC8nyUfZ2nIf9VEuFAaRogYKP6i_Wem515ZVJfNVmw91Gz7OfNaks6IOLZCVu11_zcpUnPidxlI6Paovm94nSUEJlcRduMh3JOVDZx64L-P5pnQBQxZlmwSslZuRT1xhGCCeJPoGIxS6alZWb1niDYdt9cXIy3pcAZyYE_Yp0Kve3rL7PU7AUHWS0kTftHC9ChTdVFqLOvOM9QxT1sWI2SCkBR9pYsjp0kOBle4RaCTiaqIqv5RQb0NDVrbdaB0mCGL8w5aL0arwgJng2jofv9W7YMIEGPR7y2YDM8a4ny2wbEV2XPC9offlNHlMY6vg3jkp7bdWwkd_VusMhZdVJxpbbpBj8e9PDTtFnfD4XRgPSUOYOGqWlebeXRIEwtqHPa1u9YWcfwD_6LTs587fXusTJzCBtq4La3OK3Co32sfCIKXhecYZOxfEoi-SGMJthV7pKGz8UPAoKD8vewZdflh3K-nQH7itl4IMk_lQsJu7Ojq-CR96WGGAQr1_q9dBmoaxLg42qiNY5XO_HPXhGpUhYxuhD3l0p_qALZB-bvkRgQGtoiTHJrZNrzyK_hOm-QT0SIW2KdxLtCOslTVZ1ErvNzF-d32k20xJ6aJUyo9MfuT5nXLDYnmTYy9sY9DkyAhNUD4wq7cG-uXMBYM_b00Nt2upIpeisQwMax4JgFxqTp9JIjtUZ8aD7fQsHNjbsluz18w0DhbMf1NQ7WcwcOPPfMWDxVvowf9o4SujrQITI9mYeI8X9VDg7IDUHb9y4ixwJtgzRV6U0o-6vo5jw7IG_5DUSgWwbW-pYFz83hVsY90GUjTfGSSqytQhIOYvp5e_cjiyXLYH4yboPUb4kfLmAYf5XyJXxk8f4M0no7Ox7rgiptPhu8cu7yS3UHiunwW2wx9SIEzYcJP9TfYpOBmmn5dVRMwOYgg-y6kv7xEG6OAfQ2V5iA3EJ8hiJq-YB-d4SpAbUwfuEa36oF0gwzQ7jYD10_EDGKRaNxSXiwnaN8r_kM6z74aS7e0av7ZlWLCp3eUQcia0qhowMIwaoMOB3a2mF5nbtRlOx9i2iqm-vWnAmWQV5ujiWZ_Eav2QUnsT83VfSeanjXpUQkLJhTtxGY7nNAFbewottqnhWDngXbVV6nj2oe0AabMmiBIM6zeh7_JbtCGsMArmKjH5_fM5p53TOPL9AhJZ_Sb86a1IHekRu_xPohV5uftPGLd-dXkhRBLhFCSMDYSAw2KishnPIuJT8l2RLdJzPR-prg2h9Y8fBTPOu4sNosjgvVYcGjgrhA13ag9u0mdZqAP8Dp161Zf4zr1nJmYO8RoNuGjAyW6tPgXOerfErYjYdflIRukolPoXi5GI921o28mlMUo4Vi5XbPanV3CpWAwhmYOz_1yXxriZh0VPM49G5aQYioooRSIKdAkppas-XpVTmqTIS0ItXaGspmYMNDBWAQGJPYMqf855SvS8Xsrx3EUfXi_wF3nrxM08mcoT5DP3jU0I2MJTWDy8s34IbOORxGB12CtS5HNIuPeVeO7ugfSIBHWaAYF5T3F5dclYQj3D4lkySOv_0T_RbnQGexuPgSzDLAcyGCKG6w_hXKP39ng0ot70hN6EOTncrbRqC--fjDPFGPzkG86m4JeLW5vqqAETIrOSRAIHC9p_27KGMApazfQsp0PBzq3Z6-gi6upjEZ68ybGUxsypN8pZtKK9ZSusKS0J3i_VijPo0OgIu6ArAXXNy9PQiaOjjgvG6Wp4VRXvxwurzhJN9VJd1XaAUSDG9A6g4WnsGeJRUF08N1YupKvXdF7Bhsa3_IBr4mPw6onJy4qXNXGTiJt72yIythR03IVQ9CO121D8D8KEoAn9Na71uipx8Ty5DKJ7Xk-XWb89HLUz30Ym_Cyk8Tcn3lEKMrYYglIiqw29lwgN8le_vjY7ZwTVvMhRcihWyD4xVCrxOWRDZIo3Nr5kx05UQxA62DcOOBp-14OVaF8ipwa3WrpGKnF8zgczdLZqpCV-Y-40E-2bpemMTUaOfapwVh33De-PnE3ktCdwe8eTS3bHVBX5CXmJci7zAnr4JwieIraZly4FcNNA-eLD_h36G5xM5fjohaIilKEt3X0M7-65y7x1AQtKxbIs_8aPm-gpGdf1BBSTwTbKwjrmsIG9wWVHQ7mGk3bHPAt_OD4V8XYH21TCmUEM-0ibRWtjE66fGgr0MzpflTokI-QdqAwpLbiE9gqgH5wEO8G3GtgSECi71H2O3gqsuB8YNIHorwHd7XHSQeQTVO2SgmakPlROi-7FtRd7NjbUw5yMPXcx8NdBgu9VuKI_q4lUUKmaSHPIA0sAr6WvOPIANydXT91wz4tyE5UVD96AyQol6hmke28SLel721VNSHKyacoG_NzEvk-FNhO699fq-vjQj9jahF0VbpbVf3IP3vh3KHzoecshkPCvAnwQsD1kDpCeuVO0bjAFNEvf56Dx--WtUjjuOh6eCwg1Ah_JCEitgdEz36WHV3PBUv-XX_wAk777Gx6HflwM2CzUAGsKGUTcB-E6gDHu-XvPXf-wIlW_GiKzuySb5IJySWWwaM8AFsC8Pe78nXMR-_YZCpxfpIhAMpiMVvTXE9pyDrbs7oKMm5R6t-zzR2_sq9c7EKFKAqVkHNVjYWYnyK5Bpj0XczK8ajhoxImLwgr9RH4RL6adKLRuXeImlYkUqhHMcB-LP8OHmOhuj2lxDPhMA-8URmeBjYvb3zI2yZoOa7QZKYGCzlS8ov0r12CxQqJnFAvXSnBTqy7pDSDP4w1mMThSdoMXUg_htY7a20UcuvPjDY1KHIUL1W8TuavFCu9mf7_JUmol7pPwM7BlQ055yQDnT1UKYP7jp2d4C8FDThaOHg8RiO78g0kUrWUiikuNd8P5pN-9o8CvM_6WO5j6X3xibe-BMWh-GxDedHjyretfYMyLBWRmv_V7bAqx9qD2MDmngHpX_fn6vVfOxEuPsTxJ99_roMXFuIT_i9RnceGlUIBBJPAMgJpo072az4MiHKcN1hBhhCQ1F5DoctLsUNJ6E1ZK2OBHIqi9NWvzXl7bWmBCJ3q3wrThLwZu4Jc6XnJVZcRUc3xqYeOFleiCi-J8OV_hgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20118616986&bidurl=https://x.gd/view/unsafe/uKjYZ&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i3d6y5PcKCjO_T8dNcWhSf&adsafe_url=https%3A%2F%2Fx.gd&adsafe_type=y&adsafe_url=https%3A%2F%2Fx.gd%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2737572314184878%26fa%3D1%26ifi%3D3%26uci%3Da!3&adsafe_type=d&adsafe_jsinfo=,id:dac34ad0-e5e6-3395-24b1-953ea814f23e,c:vnU0o2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-st985,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:6541c98a-8ee1-11ee-a5fc-4a5f7e44f247,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvtaTUAsx8VNnWEoS1yg3zdA8NofVHoeoqIBxs1MF66460B4SOMTXUSTFsEMqgG1j0IJQ80_QuzVIDLwgxSahgBNsssnYihziDnQ38SyRUAoCZ_4GSpQ4m-hvMaAZakG8oF-Rab1wk9E-1kE40-Is9K1HYwmAPfKpQGr0ycj1GBsxqAc-WcU7ualDV_yci5repejFkBeE_fcVb3RckBk_neuugC2e0UCqoTeBsepPRL4tnEZi4Eu8XPnfr42-0oeb_r0VqKXQSLGwjx4_czIOrqyXBgtKf0haSjfkRzZY_8vObvwVe-gxPNNcs1sKngAd-uwzqDdXmGZzv7h7W1g1XaQwaFA_s4EtEOZDSohV6g_z1_XkEaD0H86nmhXdXvslvmy3ZXIeeknMzx1Say9w5F5MSpOQK1dAMmlNPZ_-xKWb6IJq_c5XNB5Dju-yYTMjY-hSPOl_ub0HzYW7iHtQt91cIl_vAKHoM_5ZfQWm16vwXeK8a6SuM3tjvRNsa6ixUxY95kXDn6PJ3ZSN8AFT3pZJtmY4Es8deGAiRgjpNZBohsSPkUnar3jD5X2lLhH6dsm9a7moqi15xSvDHfXnTPMD9w4k7WVbo1Ypyk8rwcuQ676ID-45TeQF51YLcHexQr2y-Yj4lzv0OdjWVcgDUkGQek1NhpoReggDVu5tJF2LJdOMjJVymt6_PQInw2dkO3WPp3ETwJowViKDIGXSJ5yujgIQb2W2-zsHo-oTdGB1A_KcPZ9cERPiRawfOLV0gW9FxwukCEOtLKlf5xZImY-yZC8nyUfZ2nIf9VEuFAaRogYKP6i_Wem515ZVJfNVmw91Gz7OfNaks6IOLZCVu11_zcpUnPidxlI6Paovm94nSUEJlcRduMh3JOVDZx64L-P5pnQBQxZlmwSslZuRT1xhGCCeJPoGIxS6alZWb1niDYdt9cXIy3pcAZyYE_Yp0Kve3rL7PU7AUHWS0kTftHC9ChTdVFqLOvOM9QxT1sWI2SCkBR9pYsjp0kOBle4RaCTiaqIqv5RQb0NDVrbdaB0mCGL8w5aL0arwgJng2jofv9W7YMIEGPR7y2YDM8a4ny2wbEV2XPC9offlNHlMY6vg3jkp7bdWwkd_VusMhZdVJxpbbpBj8e9PDTtFnfD4XRgPSUOYOGqWlebeXRIEwtqHPa1u9YWcfwD_6LTs587fXusTJzCBtq4La3OK3Co32sfCIKXhecYZOxfEoi-SGMJthV7pKGz8UPAoKD8vewZdflh3K-nQH7itl4IMk_lQsJu7Ojq-CR96WGGAQr1_q9dBmoaxLg42qiNY5XO_HPXhGpUhYxuhD3l0p_qALZB-bvkRgQGtoiTHJrZNrzyK_hOm-QT0SIW2KdxLtCOslTVZ1ErvNzF-d32k20xJ6aJUyo9MfuT5nXLDYnmTYy9sY9DkyAhNUD4wq7cG-uXMBYM_b00Nt2upIpeisQwMax4JgFxqTp9JIjtUZ8aD7fQsHNjbsluz18w0DhbMf1NQ7WcwcOPPfMWDxVvowf9o4SujrQITI9mYeI8X9VDg7IDUHb9y4ixwJtgzRV6U0o-6vo5jw7IG_5DUSgWwbW-pYFz83hVsY90GUjTfGSSqytQhIOYvp5e_cjiyXLYH4yboPUb4kfLmAYf5XyJXxk8f4M0no7Ox7rgiptPhu8cu7yS3UHiunwW2wx9SIEzYcJP9TfYpOBmmn5dVRMwOYgg-y6kv7xEG6OAfQ2V5iA3EJ8hiJq-YB-d4SpAbUwfuEa36oF0gwzQ7jYD10_EDGKRaNxSXiwnaN8r_kM6z74aS7e0av7ZlWLCp3eUQcia0qhowMIwaoMOB3a2mF5nbtRlOx9i2iqm-vWnAmWQV5ujiWZ_Eav2QUnsT83VfSeanjXpUQkLJhTtxGY7nNAFbewottqnhWDngXbVV6nj2oe0AabMmiBIM6zeh7_JbtCGsMArmKjH5_fM5p53TOPL9AhJZ_Sb86a1IHekRu_xPohV5uftPGLd-dXkhRBLhFCSMDYSAw2KishnPIuJT8l2RLdJzPR-prg2h9Y8fBTPOu4sNosjgvVYcGjgrhA13ag9u0mdZqAP8Dp161Zf4zr1nJmYO8RoNuGjAyW6tPgXOerfErYjYdflIRukolPoXi5GI921o28mlMUo4Vi5XbPanV3CpWAwhmYOz_1yXxriZh0VPM49G5aQYioooRSIKdAkppas-XpVTmqTIS0ItXaGspmYMNDBWAQGJPYMqf855SvS8Xsrx3EUfXi_wF3nrxM08mcoT5DP3jU0I2MJTWDy8s34IbOORxGB12CtS5HNIuPeVeO7ugfSIBHWaAYF5T3F5dclYQj3D4lkySOv_0T_RbnQGexuPgSzDLAcyGCKG6w_hXKP39ng0ot70hN6EOTncrbRqC--fjDPFGPzkG86m4JeLW5vqqAETIrOSRAIHC9p_27KGMApazfQsp0PBzq3Z6-gi6upjEZ68ybGUxsypN8pZtKK9ZSusKS0J3i_VijPo0OgIu6ArAXXNy9PQiaOjjgvG6Wp4VRXvxwurzhJN9VJd1XaAUSDG9A6g4WnsGeJRUF08N1YupKvXdF7Bhsa3_IBr4mPw6onJy4qXNXGTiJt72yIythR03IVQ9CO121D8D8KEoAn9Na71uipx8Ty5DKJ7Xk-XWb89HLUz30Ym_Cyk8Tcn3lEKMrYYglIiqw29lwgN8le_vjY7ZwTVvMhRcihWyD4xVCrxOWRDZIo3Nr5kx05UQxA62DcOOBp-14OVaF8ipwa3WrpGKnF8zgczdLZqpCV-Y-40E-2bpemMTUaOfapwVh33De-PnE3ktCdwe8eTS3bHVBX5CXmJci7zAnr4JwieIraZly4FcNNA-eLD_h36G5xM5fjohaIilKEt3X0M7-65y7x1AQtKxbIs_8aPm-gpGdf1BBSTwTbKwjrmsIG9wWVHQ7mGk3bHPAt_OD4V8XYH21TCmUEM-0ibRWtjE66fGgr0MzpflTokI-QdqAwpLbiE9gqgH5wEO8G3GtgSECi71H2O3gqsuB8YNIHorwHd7XHSQeQTVO2SgmakPlROi-7FtRd7NjbUw5yMPXcx8NdBgu9VuKI_q4lUUKmaSHPIA0sAr6WvOPIANydXT91wz4tyE5UVD96AyQol6hmke28SLel721VNSHKyacoG_NzEvk-FNhO699fq-vjQj9jahF0VbpbVf3IP3vh3KHzoecshkPCvAnwQsD1kDpCeuVO0bjAFNEvf56Dx--WtUjjuOh6eCwg1Ah_JCEitgdEz36WHV3PBUv-XX_wAk777Gx6HflwM2CzUAGsKGUTcB-E6gDHu-XvPXf-wIlW_GiKzuySb5IJySWWwaM8AFsC8Pe78nXMR-_YZCpxfpIhAMpiMVvTXE9pyDrbs7oKMm5R6t-zzR2_sq9c7EKFKAqVkHNVjYWYnyK5Bpj0XczK8ajhoxImLwgr9RH4RL6adKLRuXeImlYkUqhHMcB-LP8OHmOhuj2lxDPhMA-8URmeBjYvb3zI2yZoOa7QZKYGCzlS8ov0r12CxQqJnFAvXSnBTqy7pDSDP4w1mMThSdoMXUg_htY7a20UcuvPjDY1KHIUL1W8TuavFCu9mf7_JUmol7pPwM7BlQ055yQDnT1UKYP7jp2d4C8FDThaOHg8RiO78g0kUrWUiikuNd8P5pN-9o8CvM_6WO5j6X3xibe-BMWh-GxDedHjyretfYMyLBWRmv_V7bAqx9qD2MDmngHpX_fn6vVfOxEuPsTxJ99_roMXFuIT_i9RnceGlUIBBJPAMgJpo072az4MiHKcN1hBhhCQ1F5DoctLsUNJ6E1ZK2OBHIqi9NWvzXl7bWmBCJ3q3wrThLwZu4Jc6XnJVZcRUc3xqYeOFleiCi-J8OV_hgBYAE&bundleId=&ias_xappb=

94 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request uKjYZ
x.gd/view/unsafe/
Redirect Chain
  • https://x.gd/uKjYZ
  • https://x.gd/view/unsafe/uKjYZ
6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://x.gd/view/unsafe/uKjYZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccce18dae18c1dcf433bb01f9e0ce5721e151b15ae2670bbbcc10eb39b03a9eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82dcc244fce84da2-FRA
content-encoding
br
content-type
text/html
date
Wed, 29 Nov 2023 18:01:57 GMT
last-modified
Wed, 01 Nov 2023 17:53:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBIvk6qLwVPp9zwvv5jxQi7nOtxEcrCcVD4tBMmY%2B2B1YhBhz2NSZIwVqYdgx2RART3L9toPBnQQDwJWwxUMFLJdG3ZPYqsXs8QOFnaOrso45MCJhMvy"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, max-age=0, no-cache
cf-cache-status
DYNAMIC
cf-ray
82dcc2411fc34da2-FRA
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 18:01:57 GMT
location
/view/unsafe/uKjYZ
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q95IXlAcoa5wqfFpi2JyKd8SNoi%2BYapa2rdWVnPXBr%2BkTPIUxph6oIpwcWNogbLp%2FJo6886UQ6LtSDCar8l4eGLlMK%2FQDyB9XUl4WS%2Bzlj7S%2FYh8Q4ML"}],"group":"cf-nel","max_age":604800}
server
cloudflare
polyfill.min.js
polyfill.io/v3/ 		101 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=URLSearchParams,Object.fromEntries,Object.keys,Object.values
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 18:01:57 GMT
age
89574
detected-user-agent
Chrome/119.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
120
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/119.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K53RX1V2LY
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
75e47c62e574a0498bae1db99704c71c6747ff4bca699b88e02de9d030fef67f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:57 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91372
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 18:01:57 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737572314184878
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5759795dd4000417cb6dcb3b64c51361e15f2086c92fd99cef21511c93466200
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://x.gd/
Origin
https://x.gd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52640
x-xss-protection
0
server
cafe
etag
17973937238158032977
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:01:57 GMT
daeb648.js
x.gd/_nuxt/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/daeb648.js
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9f3f599c8c620303e3ecb3ef4efc57020d6abfde96b1863afee551fcd5d430

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 17:53:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290b5-9dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1y%2F%2FELB0ygDqviIBbQRmF60x%2B8ztzKElwXNcZ81LBBIOYynpfIP9iJCx8PsZUKA9pxhlm0BFJyazL0Fi2%2Fny6pZcjFWdA8v49xREKyVFQFf3N6RkXJJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc246bd46696f-FRA
alt-svc
h3=":443"; ma=86400
64c8103.js
x.gd/_nuxt/ 		191 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/64c8103.js
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39488b5646fd7a7ba52a4e1a67c4655730f91b93c6681524e4c581090fabb716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:58 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290b5-2fb77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmBvJrg1mTblAlRyHHU8wDdhZ4y0re2xMmooV3%2FC%2BsCCucdACf%2FTMN%2FhwKcbXnY%2BX8FlLAUsKqNnp8y0GM%2BxWr0Wa%2B2RmBhJI21R4gTFr3fQr79%2FzUMo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc246bd48696f-FRA
alt-svc
h3=":443"; ma=86400
55d6948.js
x.gd/_nuxt/ 		122 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/55d6948.js
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9d63d94d11e65be863b3a754ace1b9f2fa71e5e874d7b0ad2ca3e9a831cf3fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:58 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 17:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290aa-1e87c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqx4ky5m3baET%2Bs6wU7JclswtT1UwN%2F5e240XwTYLb9Y09w2o1X4fQzFDfZnckQ%2FvWpWJ%2BKhvHSmXWmxgvzrm5rNC6S4AcH1LIbioGictl5SLFpP%2FK9W"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc246bd49696f-FRA
alt-svc
h3=":443"; ma=86400
849cc5d.js
x.gd/_nuxt/ 		706 KB
264 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/849cc5d.js
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f37fb29719b441eb569ded27a94e405544d3afc1d312167aeb6a3489f4962ae9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:59 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290aa-b0830"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7o8qNEAhpmBp%2FyHBsi2UnGP%2BECXsp9%2B2FNksid5Enfb%2BNxsais6hjNdGsRL2zUHaJxZ%2BSxAhK4czja6G749UO86p0ZBUMHNkfnteURxyB5ezCmsK2mTC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc246bd4e696f-FRA
alt-svc
h3=":443"; ma=86400
5015cbf.js
x.gd/_nuxt/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/5015cbf.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c90d4af4915ff3986649148829d4e4515d61e91b6a4471c9a2cf5c6849776b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:59 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 17:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290aa-4291"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9pga5YHo0wTL2ANfRzLWUQiW0X1k0v1G94GEfM2nijReyiNHnXWqncVqEnuMlsDVN00anirNn7O06UgFZQQenmsQlk3gvprKIGKHDOoomqG6Qsg8OOc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc252aae6696f-FRA
alt-svc
h3=":443"; ma=86400
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2737572314184878&plah=x.gd
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737572314184878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cca8de99dc2e16724daf0ca031553ba846fcde067ad3c87bb4db805ef82af0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137285
x-xss-protection
0
server
cafe
etag
11408593468266400336
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:01:59 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame BFFA 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737572314184878
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://x.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
6235
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 16:18:04 GMT
etag
16674218716276178799
expires
Wed, 13 Dec 2023 16:18:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
main.js
x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/ Frame 7BD2
Redirect Chain
  • https://x.gd/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01f76a823cd73d314556ab9c13e4c5d5ece4bd0f94d5afbd9508eb3522ebca33
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:01:59 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezdCRaZTbGxIw91Nd0UZ8lp%2Fp1VDVkDRKnQvGISbaSYMQb1G6%2BA5fWjkIjTURIF7Wi8ctVeW49HV49Kdm4f6L6%2B75sGSNGgHdWO3VsLX0%2BNxh86gPlZ8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
82dcc2530b69696f-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 29 Nov 2023 18:01:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmRdKHA0LRYTu%2FT3UMDus6tWFcNx8rfCAY3aRxnD9ZQsXqAK%2Bz2rgQDYTdhLAOGQxdZMERK3fZ2b8%2F4NMVW0Zgupj15xwq%2BJ1anDAirOnJSqEn3x%2FvHx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/9914b343/main.js
cache-control
max-age=300, public
cf-ray
82dcc252fb41696f-FRA
alt-svc
h3=":443"; ma=86400
82dcc244fce84da2
x.gd/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 7BD2 		0
524 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.gd/cdn-cgi/challenge-platform/h/g/jsd/r/82dcc244fce84da2
Requested by
Host: x.gd
URL: https://x.gd/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 29 Nov 2023 18:01:59 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2BDTkP0d1FEupuxQYNBRps1uMxSqG1e9mrjmh5ym%2FA60T3cOp6%2FM67%2F%2Fkj26axHG%2BuLZshwVVHqAiacNDF2o8EIss1PifOUBfAbQz2zo6o1H22AA4t6o"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
82dcc2538c01696f-FRA
alt-svc
h3=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame B87D 		230 KB
64 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2737572314184878&output=html&adk=1812271804&adf=3025194257&lmt=1698861228&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fx.gd%2Fview%2Funsafe%2FuKjYZ&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701280919493&bpp=2&bdt=1942&idt=193&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1304346322017&frm=20&pv=2&ga_vid=22935211.1701280920&ga_sid=1701280920&ga_hid=501539597&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C44807764%2C44808149%2C44808284%2C44809072%2C318512601&oid=2&pvsid=3470962893984195&tmod=1138369243&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2737572314184878&plah=x.gd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca355adae973f7a7a54ec975f265e2e45b531c170cd6c54a516130009c0bbe8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://x.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
64874
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 18:02:00 GMT
expires
Wed, 29 Nov 2023 18:02:00 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/55d6948.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 29 Nov 2023 17:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
742
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 29 Nov 2023 19:49:38 GMT
collect
region1.google-analytics.com/g/ 		0
237 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K53RX1V2LY&gtm=45je3b81v9102618407&_p=1701280919994&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=22935211.1701280920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEAE&_s=1&sid=1701280919&sct=1&seg=0&dl=https%3A%2F%2Fx.gd%2Fview%2Funsafe%2FuKjYZ&dt=URL%E7%9F%AD%E7%B8%AE%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%20X.gd&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90&tfd=3644
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K53RX1V2LY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://x.gd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo.svg
x.gd/img/icon/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.gd/img/icon/logo.svg
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
336951503a0ffc84310fb5345be5eaa6f9d8a2bdfad0dae493cf3abce96b425f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290b7-67c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v53gWlwu%2FmpiNS7zNYRWOTS6%2BCMu6mP4HLg5AWVpMAMsMFQx9WMp9lYmDZ0pVXm7GqzVdfh3ixONF%2BuCQy04ygtHoOkeG%2F8tZZp2S0J8YqEcrL8ni4v7"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
82dcc2563f44696f-FRA
alt-svc
h3=":443"; ma=86400
settings.svg
x.gd/img/icon/ 		587 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.gd/img/icon/settings.svg
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a9ff32d85258ef227ddc9a6763db635f084caaaaded2d4b28bb98ea0b1253c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290ac-24b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaJegauxYp4bOTqy7XNFYGJIyuu7IYtCh1%2FrR2Fsvj%2BC9d97GLbZsAQiL3lc7aG%2BMEol36D6x2ccKRhBCH1PUkY7eR2wgxiYA7bgc8AKAVedJHsor61o"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
82dcc2563f45696f-FRA
alt-svc
h3=":443"; ma=86400
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2737572314184878
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/64c8103.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d685bd99eb085d690ef8172287b1b7e5aac6a7d7a8712cdd1029319102f46c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://x.gd/
Origin
https://x.gd
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52792
x-xss-protection
0
server
cafe
etag
16199706933183390415
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:02:00 GMT
auth
x.gd/api/V1/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.gd/api/V1/auth
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/64c8103.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0565ce80b934cf874c4ce5dfcdf4295511e7d5f7507c57fa0d364e353aac983f

Request headers

Accept
application/json, text/plain, */*
Referer
https://x.gd/view/unsafe/uKjYZ
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQYOzl0qY7osoR%2Bw4BanQ5IjtPfwv%2Ff%2BoY7O%2BeLb83DLZgHCRKVietTeWsMeDay5aHiltaQRV2WmqQv5QChWgVfKcHrBXdyo95CF3glaxSQ2OiGL2P6z"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store, max-age=0, no-cache, no-cache
xacas
UjaMXSaknQbEdRbsnM0NGPmIKD2QHDmDAD4MKDlVnR2UAQ4gXS4YAQ1IqD0InRlJqCmsnMdNci
cf-ray
82dcc2563f49696f-FRA
alt-svc
h3=":443"; ma=86400
collect
www.google-analytics.com/j/ 		3 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=501539597&t=pageview&_s=1&dl=https%3A%2F%2Fx.gd%2Fview%2Funsafe%2FuKjYZ&dp=%2Fview%2Funsafe%2FuKjYZ&ul=en-us&de=UTF-8&dt=Warning%20%7C%20URL%20Shortener%20X.gd&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=416172407&gjid=60135135&cid=22935211.1701280920&tid=UA-154998386-2&_gid=1956499033.1701280920&_r=1&_slc=1&z=107586928
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://x.gd/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://x.gd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
178999a.js
x.gd/_nuxt/ 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/178999a.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a932604416230684537f03bc523f1b5da6b10b7ee5be83e8b451f0bd8a59acd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290b5-daed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srOUUQJbibH8byzHwIvuGJabYy1%2F9fYwxpR%2BrU0uk535RK%2FM5vxRQK0uEhMkPGNW6WbHbmL74wakZO%2BeP39nO56hCK54rVIdkMdwIUXLeVRfPxLldrF3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc2565f79696f-FRA
alt-svc
h3=":443"; ma=86400
56264b2.js
x.gd/_nuxt/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/56264b2.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
899af7118726b26033f0cfcd94aa35343a8855b928a40cadc16c1a0ce5419997

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 01 Nov 2023 17:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290aa-802d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FkeNlRitiXKbVp%2ByIKRhBT4tOpBNsnxK33vPaJsrwIHO5txsrSlG3Sg%2BHFsJhjfh%2BMzdjsWUcCxr5souZjEm26vSaEOVppl9J7I3vFIiu5Tuim8Utrq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc2565f7b696f-FRA
alt-svc
h3=":443"; ma=86400
57c82bd.js
x.gd/_nuxt/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/57c82bd.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c6a5bb37520d3802bf344e433669d6f795ca3f003e7564e4ae82db7714429bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290aa-6c94"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yLz2tdLQmQrqru2sMAGxzgRWU5zJtgWYR969uo6NNkpQOZDFTEWAofq%2FfDdGQRE6TGgwYXdj2iK%2BIS9pAH8Ndo0GtHR14rxIoFk%2FGTnzlgbVd%2B19Q6h"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc2565f7c696f-FRA
alt-svc
h3=":443"; ma=86400
18ff7cd.js
x.gd/_nuxt/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/18ff7cd.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b7fc41884f9369db038e9beb5a7c7bf2d754a1032e3c67a9b5e5fbd530cad07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290aa-74d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqzgWN7JjOA0iSCwwfGjZDzgneb2qEggKEPUgJmikZwxqh0%2FdDa9jVIG007ark4UHOuMl4LOrg42xv3jOAaePTC%2FzbTyOt9znX0nwbrQJGvcOJXf8Njv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc2565f7d696f-FRA
alt-svc
h3=":443"; ma=86400
15b80ae.js
x.gd/_nuxt/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/15b80ae.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
943e9b87328e617dc5dde0f272231be8ac51d8f3d54ae169b47b4b87093e03bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290b5-338c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=au1j9ZkFBiJ5qcTnN3cnTev1B1K9phvaV%2FWhJ0PhVLi4KPkCrn6VP2i%2F%2BI%2FRkgAqjREKCFNWFEOVbUlcSzi0UTczyMI7EpFjydeVcdA1Z5lwYlaBhudZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc2565f7f696f-FRA
alt-svc
h3=":443"; ma=86400
4248dea.js
x.gd/_nuxt/ 		27 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/4248dea.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8ed9cfdb3caea0b6f5cfa91df5aa6f1861e760115db0cc1901c90fb69069609

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290b5-6ce1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LK683%2F6IhmR8wzjzzxj%2BlrhV7d2mGj6CMzU%2FIg8DqG7cBGBqdj5MSqbYXagkzAQLm98xBsi89Y0tVSLkd4IDYuTszXrc7uuhlYuFdJ2J9ozkZyAF%2BmXq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc2565f82696f-FRA
alt-svc
h3=":443"; ma=86400
c33eb82.js
x.gd/_nuxt/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://x.gd/_nuxt/c33eb82.js
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/daeb648.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
563a21af7d066a5ed2d05357428e1b96508f9c9e23a39b560ab9fa8fe92f1591

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/view/unsafe/uKjYZ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Wed, 01 Nov 2023 17:53:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654290aa-47fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKh9ylvzzW48yKh5XKlMli0wNgFy0bsjjcYIJCgWgtfBqW8gmKQf2E10iY%2BegrzXN0LWBJwFE9UZOn53RBxxxWTaOIFs3%2FeEGQ%2FhZmVEJvX16MTNm2SC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
82dcc2565f83696f-FRA
alt-svc
h3=":443"; ma=86400
info
x.gd/api/V1/ 		78 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.gd/api/V1/info
Requested by
Host: x.gd
URL: https://x.gd/_nuxt/64c8103.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.46.170 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e48df3857bfd7f796133deda147f01e73bd63b5b73457861c2d968c6c2e1378d

Request headers

Accept
application/json, text/plain, */*
Referer
https://x.gd/view/unsafe/uKjYZ
xacas
{"s":"baa614fa51e89781d664adb8efbd36da","t":1701280920}
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 29 Nov 2023 18:02:00 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NkqMR2CyDf2ndAk4V0KSW3G6QoHmnuBBMgGJ8nK5KnYRdDmWjLq%2BpfNJabojr01RP8iHxx0gmGW9IkN8I8%2FTGM%2BNYRS5jj8vRFB4ZnNQcJCaKXUAiVMO"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
cache-control
no-store, max-age=0, no-cache, no-cache
cf-ray
82dcc259bb46696f-FRA
alt-svc
h3=":443"; ma=86400
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2737572314184878&plah=x.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3e3d91c1049ef2c6fe0a210bc08b1a8f094c41687ace751adf3e5135220fefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55853
x-xss-protection
0
server
cafe
etag
13388769084283554526
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:02:01 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 43AF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2737572314184878&plah=x.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://x.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
76304
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 20:50:17 GMT
etag
16674218716276178799
expires
Tue, 12 Dec 2023 20:50:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 5D15 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2737572314184878&plah=x.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://x.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
76304
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 20:50:17 GMT
etag
16674218716276178799
expires
Tue, 12 Dec 2023 20:50:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 43AF 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 16:27:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 18:02:01 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 43AF 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 17:28:44 GMT
x-content-type-options
nosniff
age
1997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 17:28:44 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 43AF 		604 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 16:31:31 GMT
x-content-type-options
nosniff
age
5430
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 28 Nov 2024 16:31:31 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 43AF 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 23:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
66900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6702
x-xss-protection
0
server
cafe
etag
11213825687312121238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:27:01 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 43AF 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
50548
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 03:59:33 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0487 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjMrI38ATAB&v=APEucNUQ2B7yPLsVKyljFpSNcbFRnjSvbMh405uBv0CFc8KQvFj2GPtmsCW3xQITTSWFFRFyhg37o_8y-IqQ5rUujr5sMivpY2cSyDWci0s0xXGhPRI-lmbbxuNmG4JBgSVZNaCY8aK-qwkIDXWxVmDAKwnA_r1HmMf8QjGxuIwDtesaiFMVVbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 18:02:01 GMT
expires
Wed, 29 Nov 2023 18:02:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5D15 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:02:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D15 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B9gjX77Gvkoc2IfscZ1I07fUyFopJXTgFrOvqtZV3pDc_xcGByHtGJTqTver61zhFbQFrxQ9kPCs4d3IzZzYXop-1SGghvwxbYTKwfNFyyB8ddYEE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D15 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14992701802692067172&x=1&ct=76
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1474271/76103299/xbbe/creative/ Frame 5D15 		263 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1474271/76103299/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvtaTUAsx8VNnWEoS1yg3zdA8NofVHoeoqIBxs1MF66460B4SOMTXUSTFsEMqgG1j0IJQ80_QuzVIDLwgxSahgBNsssnYihziDnQ38SyRUAoCZ_4GSpQ4m-hvMaAZakG8oF-Rab1wk9E-1kE40-Is9K1HYwmAPfKpQGr0ycj1GBsxqAc-WcU7ualDV_yci5repejFkBeE_fcVb3RckBk_neuugC2e0UCqoTeBsepPRL4tnEZi4Eu8XPnfr42-0oeb_r0VqKXQSLGwjx4_czIOrqyXBgtKf0haSjfkRzZY_8vObvwVe-gxPNNcs1sKngAd-uwzqDdXmGZzv7h7W1g1XaQwaFA_s4EtEOZDSohV6g_z1_XkEaD0H86nmhXdXvslvmy3ZXIeeknMzx1Say9w5F5MSpOQK1dAMmlNPZ_-xKWb6IJq_c5XNB5Dju-yYTMjY-hSPOl_ub0HzYW7iHtQt91cIl_vAKHoM_5ZfQWm16vwXeK8a6SuM3tjvRNsa6ixUxY95kXDn6PJ3ZSN8AFT3pZJtmY4Es8deGAiRgjpNZBohsSPkUnar3jD5X2lLhH6dsm9a7moqi15xSvDHfXnTPMD9w4k7WVbo1Ypyk8rwcuQ676ID-45TeQF51YLcHexQr2y-Yj4lzv0OdjWVcgDUkGQek1NhpoReggDVu5tJF2LJdOMjJVymt6_PQInw2dkO3WPp3ETwJowViKDIGXSJ5yujgIQb2W2-zsHo-oTdGB1A_KcPZ9cERPiRawfOLV0gW9FxwukCEOtLKlf5xZImY-yZC8nyUfZ2nIf9VEuFAaRogYKP6i_Wem515ZVJfNVmw91Gz7OfNaks6IOLZCVu11_zcpUnPidxlI6Paovm94nSUEJlcRduMh3JOVDZx64L-P5pnQBQxZlmwSslZuRT1xhGCCeJPoGIxS6alZWb1niDYdt9cXIy3pcAZyYE_Yp0Kve3rL7PU7AUHWS0kTftHC9ChTdVFqLOvOM9QxT1sWI2SCkBR9pYsjp0kOBle4RaCTiaqIqv5RQb0NDVrbdaB0mCGL8w5aL0arwgJng2jofv9W7YMIEGPR7y2YDM8a4ny2wbEV2XPC9offlNHlMY6vg3jkp7bdWwkd_VusMhZdVJxpbbpBj8e9PDTtFnfD4XRgPSUOYOGqWlebeXRIEwtqHPa1u9YWcfwD_6LTs587fXusTJzCBtq4La3OK3Co32sfCIKXhecYZOxfEoi-SGMJthV7pKGz8UPAoKD8vewZdflh3K-nQH7itl4IMk_lQsJu7Ojq-CR96WGGAQr1_q9dBmoaxLg42qiNY5XO_HPXhGpUhYxuhD3l0p_qALZB-bvkRgQGtoiTHJrZNrzyK_hOm-QT0SIW2KdxLtCOslTVZ1ErvNzF-d32k20xJ6aJUyo9MfuT5nXLDYnmTYy9sY9DkyAhNUD4wq7cG-uXMBYM_b00Nt2upIpeisQwMax4JgFxqTp9JIjtUZ8aD7fQsHNjbsluz18w0DhbMf1NQ7WcwcOPPfMWDxVvowf9o4SujrQITI9mYeI8X9VDg7IDUHb9y4ixwJtgzRV6U0o-6vo5jw7IG_5DUSgWwbW-pYFz83hVsY90GUjTfGSSqytQhIOYvp5e_cjiyXLYH4yboPUb4kfLmAYf5XyJXxk8f4M0no7Ox7rgiptPhu8cu7yS3UHiunwW2wx9SIEzYcJP9TfYpOBmmn5dVRMwOYgg-y6kv7xEG6OAfQ2V5iA3EJ8hiJq-YB-d4SpAbUwfuEa36oF0gwzQ7jYD10_EDGKRaNxSXiwnaN8r_kM6z74aS7e0av7ZlWLCp3eUQcia0qhowMIwaoMOB3a2mF5nbtRlOx9i2iqm-vWnAmWQV5ujiWZ_Eav2QUnsT83VfSeanjXpUQkLJhTtxGY7nNAFbewottqnhWDngXbVV6nj2oe0AabMmiBIM6zeh7_JbtCGsMArmKjH5_fM5p53TOPL9AhJZ_Sb86a1IHekRu_xPohV5uftPGLd-dXkhRBLhFCSMDYSAw2KishnPIuJT8l2RLdJzPR-prg2h9Y8fBTPOu4sNosjgvVYcGjgrhA13ag9u0mdZqAP8Dp161Zf4zr1nJmYO8RoNuGjAyW6tPgXOerfErYjYdflIRukolPoXi5GI921o28mlMUo4Vi5XbPanV3CpWAwhmYOz_1yXxriZh0VPM49G5aQYioooRSIKdAkppas-XpVTmqTIS0ItXaGspmYMNDBWAQGJPYMqf855SvS8Xsrx3EUfXi_wF3nrxM08mcoT5DP3jU0I2MJTWDy8s34IbOORxGB12CtS5HNIuPeVeO7ugfSIBHWaAYF5T3F5dclYQj3D4lkySOv_0T_RbnQGexuPgSzDLAcyGCKG6w_hXKP39ng0ot70hN6EOTncrbRqC--fjDPFGPzkG86m4JeLW5vqqAETIrOSRAIHC9p_27KGMApazfQsp0PBzq3Z6-gi6upjEZ68ybGUxsypN8pZtKK9ZSusKS0J3i_VijPo0OgIu6ArAXXNy9PQiaOjjgvG6Wp4VRXvxwurzhJN9VJd1XaAUSDG9A6g4WnsGeJRUF08N1YupKvXdF7Bhsa3_IBr4mPw6onJy4qXNXGTiJt72yIythR03IVQ9CO121D8D8KEoAn9Na71uipx8Ty5DKJ7Xk-XWb89HLUz30Ym_Cyk8Tcn3lEKMrYYglIiqw29lwgN8le_vjY7ZwTVvMhRcihWyD4xVCrxOWRDZIo3Nr5kx05UQxA62DcOOBp-14OVaF8ipwa3WrpGKnF8zgczdLZqpCV-Y-40E-2bpemMTUaOfapwVh33De-PnE3ktCdwe8eTS3bHVBX5CXmJci7zAnr4JwieIraZly4FcNNA-eLD_h36G5xM5fjohaIilKEt3X0M7-65y7x1AQtKxbIs_8aPm-gpGdf1BBSTwTbKwjrmsIG9wWVHQ7mGk3bHPAt_OD4V8XYH21TCmUEM-0ibRWtjE66fGgr0MzpflTokI-QdqAwpLbiE9gqgH5wEO8G3GtgSECi71H2O3gqsuB8YNIHorwHd7XHSQeQTVO2SgmakPlROi-7FtRd7NjbUw5yMPXcx8NdBgu9VuKI_q4lUUKmaSHPIA0sAr6WvOPIANydXT91wz4tyE5UVD96AyQol6hmke28SLel721VNSHKyacoG_NzEvk-FNhO699fq-vjQj9jahF0VbpbVf3IP3vh3KHzoecshkPCvAnwQsD1kDpCeuVO0bjAFNEvf56Dx--WtUjjuOh6eCwg1Ah_JCEitgdEz36WHV3PBUv-XX_wAk777Gx6HflwM2CzUAGsKGUTcB-E6gDHu-XvPXf-wIlW_GiKzuySb5IJySWWwaM8AFsC8Pe78nXMR-_YZCpxfpIhAMpiMVvTXE9pyDrbs7oKMm5R6t-zzR2_sq9c7EKFKAqVkHNVjYWYnyK5Bpj0XczK8ajhoxImLwgr9RH4RL6adKLRuXeImlYkUqhHMcB-LP8OHmOhuj2lxDPhMA-8URmeBjYvb3zI2yZoOa7QZKYGCzlS8ov0r12CxQqJnFAvXSnBTqy7pDSDP4w1mMThSdoMXUg_htY7a20UcuvPjDY1KHIUL1W8TuavFCu9mf7_JUmol7pPwM7BlQ055yQDnT1UKYP7jp2d4C8FDThaOHg8RiO78g0kUrWUiikuNd8P5pN-9o8CvM_6WO5j6X3xibe-BMWh-GxDedHjyretfYMyLBWRmv_V7bAqx9qD2MDmngHpX_fn6vVfOxEuPsTxJ99_roMXFuIT_i9RnceGlUIBBJPAMgJpo072az4MiHKcN1hBhhCQ1F5DoctLsUNJ6E1ZK2OBHIqi9NWvzXl7bWmBCJ3q3wrThLwZu4Jc6XnJVZcRUc3xqYeOFleiCi-J8OV_hgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20118616986&bidurl=https://x.gd/view/unsafe/uKjYZ&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i3d6y5PcKCjO_T8dNcWhSf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.14.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-14-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
64c0ff2f925e91076418a0311a8cd0ecd1e1bae9f3111bad3ae02cb7140486e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D15 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
19242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:41:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5D15 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5D15 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:02:01 GMT
css
fonts.googleapis.com/ Frame D7A9 		462 B
336 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%96%89%E3%81%98%E3%82%8B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d68792895f86c25ba4927823a2bbc062460c49c85d30003fd4795c26becdc51b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 18:02:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 18:02:01 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D7A9 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
7832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 15:51:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D7A9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 07:50:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
36673
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 07:50:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D7A9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 12:41:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
19242
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 12:41:19 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D7A9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
67503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D7A9 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 18:02:01 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame D7A9 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 10:09:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
114766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 10:09:15 GMT
rum
dsum-sec.casalemedia.com/ Frame 0487
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1&C=1
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjMrI38ATAB&v=APEucNUQ2B7yPLsVKyljFpSNcbFRnjSvbMh405uBv0CFc8KQvFj2GPtmsCW3xQITTSWFFRFyhg37o_8y-IqQ5rUujr5sMivpY2cSyDWci0s0xXGhPRI-lmbbxuNmG4JBgSVZNaCY8aK-qwkIDXWxVmDAKwnA_r1HmMf8QjGxuIwDtesaiFMVVbg
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxKRADIeyJBt5KJ5eKeb5sansoVcY3vyKbiYiVaO1BosIOJS9Vb%2Bt5fNpZOLnm3J8%2FtcK75ojV1NwprWlv%2BIBZq7FsWeaqTg3SY8USycfIaZmWfyXysfEbmgpJGV7V3KiCast8tzXkeO6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dcc25e4dbf1c1e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1AmKObn7kqvAwYtZ1yw74zqiTh2xhCI2mNjAbBQjhuYKTANtLF8npUayKfRM5mJzSOWMoEzNIDjEA7NE1dzWk5H7DgVGS06NZDHeLfd0msaTMSsnzZNhMoP2l5QFq3nesx1tWC5%2BHGuqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1&C=1
cache-control
no-cache
cf-ray
82dcc25e1d731c1e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0487
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWd8mf7HjmhBkNhuO1fuGgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjMrI38ATAB&v=APEucNUQ2B7yPLsVKyljFpSNcbFRnjSvbMh405uBv0CFc8KQvFj2GPtmsCW3xQITTSWFFRFyhg37o_8y-IqQ5rUujr5sMivpY2cSyDWci0s0xXGhPRI-lmbbxuNmG4JBgSVZNaCY8aK-qwkIDXWxVmDAKwnA_r1HmMf8QjGxuIwDtesaiFMVVbg
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGNyw0CkOfaQJnPHkz32GaVTtThV7QqHgmu%2F5%2FTgh7leBM7IJ4j37xkSld7%2BfduAIjuTrPnM9zGEYb%2F1Li4ikMt8LBdza4eXkt6U62lAtIlqiFIdwDbs84j8TD%2FXcyQbSFbIJBVkGhhbOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82dcc25edc2471b5-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHt0842gxqep3h1mOmyj-ks&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 0487
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHi_Pm9Nl5V4kghcvfs_Ufs&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHi_Pm9Nl5V4kghcvfs_Ufs%26google_cver%3D1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHi_Pm9Nl5V4kghcvfs_Ufs%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjMrI38ATAB&v=APEucNUQ2B7yPLsVKyljFpSNcbFRnjSvbMh405uBv0CFc8KQvFj2GPtmsCW3xQITTSWFFRFyhg37o_8y-IqQ5rUujr5sMivpY2cSyDWci0s0xXGhPRI-lmbbxuNmG4JBgSVZNaCY8aK-qwkIDXWxVmDAKwnA_r1HmMf8QjGxuIwDtesaiFMVVbg
Protocol
H2
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
an-x-request-uuid
cfc1eef6-af14-4562-afb8-ecd6e7753d67
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.198; 80.255.10.198; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
an-x-request-uuid
5454a886-8546-4a4a-9567-3b933a08d8af
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHi_Pm9Nl5V4kghcvfs_Ufs%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.198; 80.255.10.198; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0487
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NTc0NjUxNzY4MjU3OTU1OA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NTc0NjUxNzY4MjU3OTU1OA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQupmXARjMrI38ATAB&v=APEucNUQ2B7yPLsVKyljFpSNcbFRnjSvbMh405uBv0CFc8KQvFj2GPtmsCW3xQITTSWFFRFyhg37o_8y-IqQ5rUujr5sMivpY2cSyDWci0s0xXGhPRI-lmbbxuNmG4JBgSVZNaCY8aK-qwkIDXWxVmDAKwnA_r1HmMf8QjGxuIwDtesaiFMVVbg
Protocol
H2
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
an-x-request-uuid
09ddf60c-64f5-4110-ada1-e0f6144fb3ff
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI3NTc0NjUxNzY4MjU3OTU1OA%3D%3D
x-proxy-origin
80.255.10.198; 80.255.10.198; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D15 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1475734172182&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D15 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1475734172182&version=m202309260101&ct=76&x=1&cor=14992701802692067000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5D15 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BieIuoEgUQUIM7ijTtm3ke_eeNbSztsmneglFwajWoS3TKXSPI-XKpir9UbneSQofhwcOZzTGzhb3WyvmewJSTrNQh7-z_IYXgxpbtdxDn0OaRBf-v00Ssx__nWaIsxZgncfIrKI0J4cr68nemtij3BWBLcuY3h87j1QRljxVYeCm1SvI&cry=1&dbm_d=AKAmf-BCg7CeHalvKp9vHJX4eAdMn1AAsJ8glHSbmNRifaTjJZDoKWCbNOS1aQRvzxWqlZ7MznsDPsx-CAKs8CCaQbH7_fBLAbDmGqRtKx7u55MG4LdkBX0zPeXPQ2XBO7Z0zIhtJsSZiT8RC8sA7Ox5vadtFVSpuh-kOFeUDrR2vg3SJ5qC5k6B_3BbjiJExi2VY_nas79AplvZ-pl3hUtOLIzegs3p_AETzwApQSe6lxdnrRnlKTipPMf6J7CdCD6nW5TfKxkDS2V-bJdVljuWgLFKqwXjiNce9zKBlMJVB30oclj3jSSg1paXKibT3Vy1JpyhqB6wv9OKLoVZsY_e5PW1E2hgLHOKnGGd2E7j6lwCnUd0JuHNSbbaARNYD-SpnqYmSNwcy6Hq3PCNCtlPKaIAhScsaMvud97jEDL4PV58HWCyt7u-s48enoJVn0yZrS5hMmilBgYZmyGFxhRbve8Qj67Ve5PJNk-iAss7Aw2LpymFeV9e-yC9CYqoDbfDWa82JZsLK4eM0o8WumzHVQe9h235suPsPa--lptRzuw5TJtkDGhEg80GPPnNeAUUV47C_XNXUrxhceIiwRrkhdTm7onHLWQMHxmzCtBqtbby3zdW-i-xKdterLbDqXcGNIQxS1SJfHZGweKBCX5Zku-ErBK3pKx7x06vf9bxHhWIpSfM8rwpQNyu1FghqDP7dmMBufOsvcW5H0YkbltEmkU24lVQK5JJ9p6H_op4g77dgChrFYLK7cCruib8NREW5cnzCLUrA-bv3y4zJVYc-btLPBKno5ekBfnfO6kCJte8Bby7qDUfb4tA320w4l4lEznGMHgGIUHaOKhqy2ZZcManqbwiuyTcGXd_SDgJG0VXofYLi5dFMVO48rEC8JhyFpGyUAyOC8Oh3qDykwRFm_zqxOe3322KJmTS495mzg7LI2QvFGvX19dypPsZ7fsYsOwchHmukaYfYkLpCwuIEg8ogeLQ43MIppBk3CA5WegGRMIv1ofQYuHZGeFZtr-gGtlukQQFbpoYXTE1pOJpZcminNo3OeBmWby13PJ6xDDpAmvME_RoVQWIhNz5ga1gxLEEfA3TDAaKst3_s-dBwWFR-uyPC2Aq680KA2h4tb1P67ubMbzxo7TKATdWI8r-3ggQbidtUVJMR7HsyHpCzF1eQNcS0DpyYemLqD4nSO-6N5Iqs0HBI6qDsxfqZJ0pdMcGsQHtEyLEMNi8lpnKeJk_G55vAZHXfCviMjOcU9nfqHXOzR3pCR2wXak8DYGXjB_P5INoQ2zeRkfPqXgwaanVTFglhx0uU4jxFstb-9ew24udj9yn8_-NnG5YifnOTh-1IgeJrJvKeAfy_-gosQ2KwgczDr9wy0hiN8RcTRReN4HQ3KH2Je-LNOUandQl7BdF1SE0u1RwwmosrjmrEYAv8xu5NjZYvY-roC_HS5KXrK4AIisZakTnzxhLFFn0zZPpMYHp7IxOCIBGutrD4wEqWJhoaNxOtH8fzM9A_FEBSJ8B7MTTa1X3pBIxYI4ExWT1qm77e9KAYRDKEzvunrsdC3cx5gKkdarGWSmla7wiwWeZ-bKzxlsG9O5KCBa6EQqFUJ1kzIoqrjiK9Ve7P2Wibato2_4JT56C-Jot-90jFm_qn5IF3v_Fl66Ejkb1yMuStT_GHePrwK1RTq8JGIaZz10SHqAs35SXjOPD41Cc_3OshvbSLAt2miT0jH4G3-gkNsFbQl53GtOwvbvjbYX82cu5uLWwl_6xcfPQCrR8BLLfCIY8OATtjy9kJhL_GwgjJeCfA7uQ_SrNwgWsbr5Na1RKTL6iV_U7jcfskdYHxaPZdBvPh6qOmibqAy58vb_EilKF1aWQCdDZkSGVLyyCwaskhkk_X_pan4Bf7Vt-rcV0cABj0cElkzBVBQKDtaQbcS7yWNlRF4sk5vjv5MBNq2W1x4FtxuNKjcdvVXopo353V9skXLyAYDdSzLIdkJ47gEOe-DIPPhx1O2sukXKgajg-ytBSkNDx2PGTjSM8F1eXrbN8HVKpGNh_o-w2pWgwEKuJu4PlEAzvvwlheuH0mRylw6HE-QavH5n6l2wX8HGCYABv91CwK-564Ya7xq9zw5lhieCQg8vFuLSkkN7nRuq1wze3aZLeHKCPDzbxm74gQku2oGaLRePg7THoNBBYwHak3VUpZdL8pBGnkqS4LLB7fMLN_U2N_D97VoaM3ooiFMcWJIIyU4kZOnueXxXn4dtNKTMWvrWnnXkoB1hzOWBNce1us4BySs7UGklmkgjgN8dOD_mm8JmvQclXat59zxeUvwXLeVWMuNXuszxt47E1tAcevchPrEdCpydPTRHC7AhIsbMoF20REhpgfGqcV-jm8H5ssMLKdevx19Ieb00HS_gyf9_VAlKcmMijDU5MDwxWPZXwjVjBDrUT1lEERaWfBdjo-YSHiPvr9Z2Gk3fQaOEhmvnuczG7XedGIRfkCMCUnI2AotHqYSV0WkyWJkVnZ2Pfs_hmGguaOHdRd06ToH30re3xJHRbeUirIal0lI1lkGq_uUXZwevM_0tnC7vNt8LVGqr8pKxS1XTgWi2Vi7GmwBDC8ZaELQVi12aYens-qVWD1mxN_JRjRFd_nFDV9aP1QL4Vi2MUAjd-F7L1JHp-c33JZnrerBMYGoW_KDlr2xKeHNL_ZQeM4c2HOYoAff7ewcmyABpdtqfx4RsgOKRKFXmK7HvIHteCdwyKDiTi51neAKtnZpalryJZqlOb699Yri9BodbUyyBusDl2YPmEHVkjfpN6tFY9TU1SQmL1gBEic-q7UF0xtdFxKnJARB5g1ZgSs03FJvuijqk38G7LlM1YzTi3DnB6UBQz6V2D5LAmN6E0Fc4yYBsTwcblVknaPjk3d1lq7QAyWnYy9zeJJgWawotoz7W4ZloObKGJObsFvw2dPHvpwD0SIed0&cid=CAQSTwDICaaNO9ms-DIhynDdYQYYQkNReQ6HLS7FDSehNWStjgRyKovTVr815e21pgQid6t8K04S8GbuCXOl5yVWXEVHN8amHjhZXogovifDlf4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fx.gd%2F&ds=l&xdt=1&iif=1&cor=14992701802692067000&adk=532903677&idt=61&cac=0&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05fa2934bb8c4048d332c09b7fa8a5e1a21e7513f3244edbc857013d41792212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
pagead2.googlesyndication.com/bg/ Frame 6A55 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 23:16:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
499544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15097
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Nov 2024 23:16:17 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5D15 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BieIuoEgUQUIM7ijTtm3ke_eeNbSztsmneglFwajWoS3TKXSPI-XKpir9UbneSQofhwcOZzTGzhb3WyvmewJSTrNQh7-z_IYXgxpbtdxDn0OaRBf-v00Ssx__nWaIsxZgncfIrKI0J4cr68nemtij3BWBLcuY3h87j1QRljxVYeCm1SvI&cry=1&dbm_d=AKAmf-BCg7CeHalvKp9vHJX4eAdMn1AAsJ8glHSbmNRifaTjJZDoKWCbNOS1aQRvzxWqlZ7MznsDPsx-CAKs8CCaQbH7_fBLAbDmGqRtKx7u55MG4LdkBX0zPeXPQ2XBO7Z0zIhtJsSZiT8RC8sA7Ox5vadtFVSpuh-kOFeUDrR2vg3SJ5qC5k6B_3BbjiJExi2VY_nas79AplvZ-pl3hUtOLIzegs3p_AETzwApQSe6lxdnrRnlKTipPMf6J7CdCD6nW5TfKxkDS2V-bJdVljuWgLFKqwXjiNce9zKBlMJVB30oclj3jSSg1paXKibT3Vy1JpyhqB6wv9OKLoVZsY_e5PW1E2hgLHOKnGGd2E7j6lwCnUd0JuHNSbbaARNYD-SpnqYmSNwcy6Hq3PCNCtlPKaIAhScsaMvud97jEDL4PV58HWCyt7u-s48enoJVn0yZrS5hMmilBgYZmyGFxhRbve8Qj67Ve5PJNk-iAss7Aw2LpymFeV9e-yC9CYqoDbfDWa82JZsLK4eM0o8WumzHVQe9h235suPsPa--lptRzuw5TJtkDGhEg80GPPnNeAUUV47C_XNXUrxhceIiwRrkhdTm7onHLWQMHxmzCtBqtbby3zdW-i-xKdterLbDqXcGNIQxS1SJfHZGweKBCX5Zku-ErBK3pKx7x06vf9bxHhWIpSfM8rwpQNyu1FghqDP7dmMBufOsvcW5H0YkbltEmkU24lVQK5JJ9p6H_op4g77dgChrFYLK7cCruib8NREW5cnzCLUrA-bv3y4zJVYc-btLPBKno5ekBfnfO6kCJte8Bby7qDUfb4tA320w4l4lEznGMHgGIUHaOKhqy2ZZcManqbwiuyTcGXd_SDgJG0VXofYLi5dFMVO48rEC8JhyFpGyUAyOC8Oh3qDykwRFm_zqxOe3322KJmTS495mzg7LI2QvFGvX19dypPsZ7fsYsOwchHmukaYfYkLpCwuIEg8ogeLQ43MIppBk3CA5WegGRMIv1ofQYuHZGeFZtr-gGtlukQQFbpoYXTE1pOJpZcminNo3OeBmWby13PJ6xDDpAmvME_RoVQWIhNz5ga1gxLEEfA3TDAaKst3_s-dBwWFR-uyPC2Aq680KA2h4tb1P67ubMbzxo7TKATdWI8r-3ggQbidtUVJMR7HsyHpCzF1eQNcS0DpyYemLqD4nSO-6N5Iqs0HBI6qDsxfqZJ0pdMcGsQHtEyLEMNi8lpnKeJk_G55vAZHXfCviMjOcU9nfqHXOzR3pCR2wXak8DYGXjB_P5INoQ2zeRkfPqXgwaanVTFglhx0uU4jxFstb-9ew24udj9yn8_-NnG5YifnOTh-1IgeJrJvKeAfy_-gosQ2KwgczDr9wy0hiN8RcTRReN4HQ3KH2Je-LNOUandQl7BdF1SE0u1RwwmosrjmrEYAv8xu5NjZYvY-roC_HS5KXrK4AIisZakTnzxhLFFn0zZPpMYHp7IxOCIBGutrD4wEqWJhoaNxOtH8fzM9A_FEBSJ8B7MTTa1X3pBIxYI4ExWT1qm77e9KAYRDKEzvunrsdC3cx5gKkdarGWSmla7wiwWeZ-bKzxlsG9O5KCBa6EQqFUJ1kzIoqrjiK9Ve7P2Wibato2_4JT56C-Jot-90jFm_qn5IF3v_Fl66Ejkb1yMuStT_GHePrwK1RTq8JGIaZz10SHqAs35SXjOPD41Cc_3OshvbSLAt2miT0jH4G3-gkNsFbQl53GtOwvbvjbYX82cu5uLWwl_6xcfPQCrR8BLLfCIY8OATtjy9kJhL_GwgjJeCfA7uQ_SrNwgWsbr5Na1RKTL6iV_U7jcfskdYHxaPZdBvPh6qOmibqAy58vb_EilKF1aWQCdDZkSGVLyyCwaskhkk_X_pan4Bf7Vt-rcV0cABj0cElkzBVBQKDtaQbcS7yWNlRF4sk5vjv5MBNq2W1x4FtxuNKjcdvVXopo353V9skXLyAYDdSzLIdkJ47gEOe-DIPPhx1O2sukXKgajg-ytBSkNDx2PGTjSM8F1eXrbN8HVKpGNh_o-w2pWgwEKuJu4PlEAzvvwlheuH0mRylw6HE-QavH5n6l2wX8HGCYABv91CwK-564Ya7xq9zw5lhieCQg8vFuLSkkN7nRuq1wze3aZLeHKCPDzbxm74gQku2oGaLRePg7THoNBBYwHak3VUpZdL8pBGnkqS4LLB7fMLN_U2N_D97VoaM3ooiFMcWJIIyU4kZOnueXxXn4dtNKTMWvrWnnXkoB1hzOWBNce1us4BySs7UGklmkgjgN8dOD_mm8JmvQclXat59zxeUvwXLeVWMuNXuszxt47E1tAcevchPrEdCpydPTRHC7AhIsbMoF20REhpgfGqcV-jm8H5ssMLKdevx19Ieb00HS_gyf9_VAlKcmMijDU5MDwxWPZXwjVjBDrUT1lEERaWfBdjo-YSHiPvr9Z2Gk3fQaOEhmvnuczG7XedGIRfkCMCUnI2AotHqYSV0WkyWJkVnZ2Pfs_hmGguaOHdRd06ToH30re3xJHRbeUirIal0lI1lkGq_uUXZwevM_0tnC7vNt8LVGqr8pKxS1XTgWi2Vi7GmwBDC8ZaELQVi12aYens-qVWD1mxN_JRjRFd_nFDV9aP1QL4Vi2MUAjd-F7L1JHp-c33JZnrerBMYGoW_KDlr2xKeHNL_ZQeM4c2HOYoAff7ewcmyABpdtqfx4RsgOKRKFXmK7HvIHteCdwyKDiTi51neAKtnZpalryJZqlOb699Yri9BodbUyyBusDl2YPmEHVkjfpN6tFY9TU1SQmL1gBEic-q7UF0xtdFxKnJARB5g1ZgSs03FJvuijqk38G7LlM1YzTi3DnB6UBQz6V2D5LAmN6E0Fc4yYBsTwcblVknaPjk3d1lq7QAyWnYy9zeJJgWawotoz7W4ZloObKGJObsFvw2dPHvpwD0SIed0&cid=CAQSTwDICaaNO9ms-DIhynDdYQYYQkNReQ6HLS7FDSehNWStjgRyKovTVr815e21pgQid6t8K04S8GbuCXOl5yVWXEVHN8amHjhZXogovifDlf4YAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fx.gd%2F&ds=l&xdt=1&iif=1&cor=14992701802692067000&adk=532903677&idt=61&cac=0&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
431813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:05:08 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 5D15
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1474271/76103299/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GM...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvta...
73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvtaTUAsx8VNnWEoS1yg3zdA8NofVHoeoqIBxs1MF66460B4SOMTXUSTFsEMqgG1j0IJQ80_QuzVIDLwgxSahgBNsssnYihziDnQ38SyRUAoCZ_4GSpQ4m-hvMaAZakG8oF-Rab1wk9E-1kE40-Is9K1HYwmAPfKpQGr0ycj1GBsxqAc-WcU7ualDV_yci5repejFkBeE_fcVb3RckBk_neuugC2e0UCqoTeBsepPRL4tnEZi4Eu8XPnfr42-0oeb_r0VqKXQSLGwjx4_czIOrqyXBgtKf0haSjfkRzZY_8vObvwVe-gxPNNcs1sKngAd-uwzqDdXmGZzv7h7W1g1XaQwaFA_s4EtEOZDSohV6g_z1_XkEaD0H86nmhXdXvslvmy3ZXIeeknMzx1Say9w5F5MSpOQK1dAMmlNPZ_-xKWb6IJq_c5XNB5Dju-yYTMjY-hSPOl_ub0HzYW7iHtQt91cIl_vAKHoM_5ZfQWm16vwXeK8a6SuM3tjvRNsa6ixUxY95kXDn6PJ3ZSN8AFT3pZJtmY4Es8deGAiRgjpNZBohsSPkUnar3jD5X2lLhH6dsm9a7moqi15xSvDHfXnTPMD9w4k7WVbo1Ypyk8rwcuQ676ID-45TeQF51YLcHexQr2y-Yj4lzv0OdjWVcgDUkGQek1NhpoReggDVu5tJF2LJdOMjJVymt6_PQInw2dkO3WPp3ETwJowViKDIGXSJ5yujgIQb2W2-zsHo-oTdGB1A_KcPZ9cERPiRawfOLV0gW9FxwukCEOtLKlf5xZImY-yZC8nyUfZ2nIf9VEuFAaRogYKP6i_Wem515ZVJfNVmw91Gz7OfNaks6IOLZCVu11_zcpUnPidxlI6Paovm94nSUEJlcRduMh3JOVDZx64L-P5pnQBQxZlmwSslZuRT1xhGCCeJPoGIxS6alZWb1niDYdt9cXIy3pcAZyYE_Yp0Kve3rL7PU7AUHWS0kTftHC9ChTdVFqLOvOM9QxT1sWI2SCkBR9pYsjp0kOBle4RaCTiaqIqv5RQb0NDVrbdaB0mCGL8w5aL0arwgJng2jofv9W7YMIEGPR7y2YDM8a4ny2wbEV2XPC9offlNHlMY6vg3jkp7bdWwkd_VusMhZdVJxpbbpBj8e9PDTtFnfD4XRgPSUOYOGqWlebeXRIEwtqHPa1u9YWcfwD_6LTs587fXusTJzCBtq4La3OK3Co32sfCIKXhecYZOxfEoi-SGMJthV7pKGz8UPAoKD8vewZdflh3K-nQH7itl4IMk_lQsJu7Ojq-CR96WGGAQr1_q9dBmoaxLg42qiNY5XO_HPXhGpUhYxuhD3l0p_qALZB-bvkRgQGtoiTHJrZNrzyK_hOm-QT0SIW2KdxLtCOslTVZ1ErvNzF-d32k20xJ6aJUyo9MfuT5nXLDYnmTYy9sY9DkyAhNUD4wq7cG-uXMBYM_b00Nt2upIpeisQwMax4JgFxqTp9JIjtUZ8aD7fQsHNjbsluz18w0DhbMf1NQ7WcwcOPPfMWDxVvowf9o4SujrQITI9mYeI8X9VDg7IDUHb9y4ixwJtgzRV6U0o-6vo5jw7IG_5DUSgWwbW-pYFz83hVsY90GUjTfGSSqytQhIOYvp5e_cjiyXLYH4yboPUb4kfLmAYf5XyJXxk8f4M0no7Ox7rgiptPhu8cu7yS3UHiunwW2wx9SIEzYcJP9TfYpOBmmn5dVRMwOYgg-y6kv7xEG6OAfQ2V5iA3EJ8hiJq-YB-d4SpAbUwfuEa36oF0gwzQ7jYD10_EDGKRaNxSXiwnaN8r_kM6z74aS7e0av7ZlWLCp3eUQcia0qhowMIwaoMOB3a2mF5nbtRlOx9i2iqm-vWnAmWQV5ujiWZ_Eav2QUnsT83VfSeanjXpUQkLJhTtxGY7nNAFbewottqnhWDngXbVV6nj2oe0AabMmiBIM6zeh7_JbtCGsMArmKjH5_fM5p53TOPL9AhJZ_Sb86a1IHekRu_xPohV5uftPGLd-dXkhRBLhFCSMDYSAw2KishnPIuJT8l2RLdJzPR-prg2h9Y8fBTPOu4sNosjgvVYcGjgrhA13ag9u0mdZqAP8Dp161Zf4zr1nJmYO8RoNuGjAyW6tPgXOerfErYjYdflIRukolPoXi5GI921o28mlMUo4Vi5XbPanV3CpWAwhmYOz_1yXxriZh0VPM49G5aQYioooRSIKdAkppas-XpVTmqTIS0ItXaGspmYMNDBWAQGJPYMqf855SvS8Xsrx3EUfXi_wF3nrxM08mcoT5DP3jU0I2MJTWDy8s34IbOORxGB12CtS5HNIuPeVeO7ugfSIBHWaAYF5T3F5dclYQj3D4lkySOv_0T_RbnQGexuPgSzDLAcyGCKG6w_hXKP39ng0ot70hN6EOTncrbRqC--fjDPFGPzkG86m4JeLW5vqqAETIrOSRAIHC9p_27KGMApazfQsp0PBzq3Z6-gi6upjEZ68ybGUxsypN8pZtKK9ZSusKS0J3i_VijPo0OgIu6ArAXXNy9PQiaOjjgvG6Wp4VRXvxwurzhJN9VJd1XaAUSDG9A6g4WnsGeJRUF08N1YupKvXdF7Bhsa3_IBr4mPw6onJy4qXNXGTiJt72yIythR03IVQ9CO121D8D8KEoAn9Na71uipx8Ty5DKJ7Xk-XWb89HLUz30Ym_Cyk8Tcn3lEKMrYYglIiqw29lwgN8le_vjY7ZwTVvMhRcihWyD4xVCrxOWRDZIo3Nr5kx05UQxA62DcOOBp-14OVaF8ipwa3WrpGKnF8zgczdLZqpCV-Y-40E-2bpemMTUaOfapwVh33De-PnE3ktCdwe8eTS3bHVBX5CXmJci7zAnr4JwieIraZly4FcNNA-eLD_h36G5xM5fjohaIilKEt3X0M7-65y7x1AQtKxbIs_8aPm-gpGdf1BBSTwTbKwjrmsIG9wWVHQ7mGk3bHPAt_OD4V8XYH21TCmUEM-0ibRWtjE66fGgr0MzpflTokI-QdqAwpLbiE9gqgH5wEO8G3GtgSECi71H2O3gqsuB8YNIHorwHd7XHSQeQTVO2SgmakPlROi-7FtRd7NjbUw5yMPXcx8NdBgu9VuKI_q4lUUKmaSHPIA0sAr6WvOPIANydXT91wz4tyE5UVD96AyQol6hmke28SLel721VNSHKyacoG_NzEvk-FNhO699fq-vjQj9jahF0VbpbVf3IP3vh3KHzoecshkPCvAnwQsD1kDpCeuVO0bjAFNEvf56Dx--WtUjjuOh6eCwg1Ah_JCEitgdEz36WHV3PBUv-XX_wAk777Gx6HflwM2CzUAGsKGUTcB-E6gDHu-XvPXf-wIlW_GiKzuySb5IJySWWwaM8AFsC8Pe78nXMR-_YZCpxfpIhAMpiMVvTXE9pyDrbs7oKMm5R6t-zzR2_sq9c7EKFKAqVkHNVjYWYnyK5Bpj0XczK8ajhoxImLwgr9RH4RL6adKLRuXeImlYkUqhHMcB-LP8OHmOhuj2lxDPhMA-8URmeBjYvb3zI2yZoOa7QZKYGCzlS8ov0r12CxQqJnFAvXSnBTqy7pDSDP4w1mMThSdoMXUg_htY7a20UcuvPjDY1KHIUL1W8TuavFCu9mf7_JUmol7pPwM7BlQ055yQDnT1UKYP7jp2d4C8FDThaOHg8RiO78g0kUrWUiikuNd8P5pN-9o8CvM_6WO5j6X3xibe-BMWh-GxDedHjyretfYMyLBWRmv_V7bAqx9qD2MDmngHpX_fn6vVfOxEuPsTxJ99_roMXFuIT_i9RnceGlUIBBJPAMgJpo072az4MiHKcN1hBhhCQ1F5DoctLsUNJ6E1ZK2OBHIqi9NWvzXl7bWmBCJ3q3wrThLwZu4Jc6XnJVZcRUc3xqYeOFleiCi-J8OV_hgBYAE&bundleId=&ias_xappb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
74.125.71.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wn-in-f157.1e100.net
Software
cafe /
Resource Hash
b66a8d33ecd3c65f9f3823f4a95896be1cb7e6321d9b146f483a16048fd74ec0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25848
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
nginx
x-server-name
app08.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvtaTUAsx8VNnWEoS1yg3zdA8NofVHoeoqIBxs1MF66460B4SOMTXUSTFsEMqgG1j0IJQ80_QuzVIDLwgxSahgBNsssnYihziDnQ38SyRUAoCZ_4GSpQ4m-hvMaAZakG8oF-Rab1wk9E-1kE40-Is9K1HYwmAPfKpQGr0ycj1GBsxqAc-WcU7ualDV_yci5repejFkBeE_fcVb3RckBk_neuugC2e0UCqoTeBsepPRL4tnEZi4Eu8XPnfr42-0oeb_r0VqKXQSLGwjx4_czIOrqyXBgtKf0haSjfkRzZY_8vObvwVe-gxPNNcs1sKngAd-uwzqDdXmGZzv7h7W1g1XaQwaFA_s4EtEOZDSohV6g_z1_XkEaD0H86nmhXdXvslvmy3ZXIeeknMzx1Say9w5F5MSpOQK1dAMmlNPZ_-xKWb6IJq_c5XNB5Dju-yYTMjY-hSPOl_ub0HzYW7iHtQt91cIl_vAKHoM_5ZfQWm16vwXeK8a6SuM3tjvRNsa6ixUxY95kXDn6PJ3ZSN8AFT3pZJtmY4Es8deGAiRgjpNZBohsSPkUnar3jD5X2lLhH6dsm9a7moqi15xSvDHfXnTPMD9w4k7WVbo1Ypyk8rwcuQ676ID-45TeQF51YLcHexQr2y-Yj4lzv0OdjWVcgDUkGQek1NhpoReggDVu5tJF2LJdOMjJVymt6_PQInw2dkO3WPp3ETwJowViKDIGXSJ5yujgIQb2W2-zsHo-oTdGB1A_KcPZ9cERPiRawfOLV0gW9FxwukCEOtLKlf5xZImY-yZC8nyUfZ2nIf9VEuFAaRogYKP6i_Wem515ZVJfNVmw91Gz7OfNaks6IOLZCVu11_zcpUnPidxlI6Paovm94nSUEJlcRduMh3JOVDZx64L-P5pnQBQxZlmwSslZuRT1xhGCCeJPoGIxS6alZWb1niDYdt9cXIy3pcAZyYE_Yp0Kve3rL7PU7AUHWS0kTftHC9ChTdVFqLOvOM9QxT1sWI2SCkBR9pYsjp0kOBle4RaCTiaqIqv5RQb0NDVrbdaB0mCGL8w5aL0arwgJng2jofv9W7YMIEGPR7y2YDM8a4ny2wbEV2XPC9offlNHlMY6vg3jkp7bdWwkd_VusMhZdVJxpbbpBj8e9PDTtFnfD4XRgPSUOYOGqWlebeXRIEwtqHPa1u9YWcfwD_6LTs587fXusTJzCBtq4La3OK3Co32sfCIKXhecYZOxfEoi-SGMJthV7pKGz8UPAoKD8vewZdflh3K-nQH7itl4IMk_lQsJu7Ojq-CR96WGGAQr1_q9dBmoaxLg42qiNY5XO_HPXhGpUhYxuhD3l0p_qALZB-bvkRgQGtoiTHJrZNrzyK_hOm-QT0SIW2KdxLtCOslTVZ1ErvNzF-d32k20xJ6aJUyo9MfuT5nXLDYnmTYy9sY9DkyAhNUD4wq7cG-uXMBYM_b00Nt2upIpeisQwMax4JgFxqTp9JIjtUZ8aD7fQsHNjbsluz18w0DhbMf1NQ7WcwcOPPfMWDxVvowf9o4SujrQITI9mYeI8X9VDg7IDUHb9y4ixwJtgzRV6U0o-6vo5jw7IG_5DUSgWwbW-pYFz83hVsY90GUjTfGSSqytQhIOYvp5e_cjiyXLYH4yboPUb4kfLmAYf5XyJXxk8f4M0no7Ox7rgiptPhu8cu7yS3UHiunwW2wx9SIEzYcJP9TfYpOBmmn5dVRMwOYgg-y6kv7xEG6OAfQ2V5iA3EJ8hiJq-YB-d4SpAbUwfuEa36oF0gwzQ7jYD10_EDGKRaNxSXiwnaN8r_kM6z74aS7e0av7ZlWLCp3eUQcia0qhowMIwaoMOB3a2mF5nbtRlOx9i2iqm-vWnAmWQV5ujiWZ_Eav2QUnsT83VfSeanjXpUQkLJhTtxGY7nNAFbewottqnhWDngXbVV6nj2oe0AabMmiBIM6zeh7_JbtCGsMArmKjH5_fM5p53TOPL9AhJZ_Sb86a1IHekRu_xPohV5uftPGLd-dXkhRBLhFCSMDYSAw2KishnPIuJT8l2RLdJzPR-prg2h9Y8fBTPOu4sNosjgvVYcGjgrhA13ag9u0mdZqAP8Dp161Zf4zr1nJmYO8RoNuGjAyW6tPgXOerfErYjYdflIRukolPoXi5GI921o28mlMUo4Vi5XbPanV3CpWAwhmYOz_1yXxriZh0VPM49G5aQYioooRSIKdAkppas-XpVTmqTIS0ItXaGspmYMNDBWAQGJPYMqf855SvS8Xsrx3EUfXi_wF3nrxM08mcoT5DP3jU0I2MJTWDy8s34IbOORxGB12CtS5HNIuPeVeO7ugfSIBHWaAYF5T3F5dclYQj3D4lkySOv_0T_RbnQGexuPgSzDLAcyGCKG6w_hXKP39ng0ot70hN6EOTncrbRqC--fjDPFGPzkG86m4JeLW5vqqAETIrOSRAIHC9p_27KGMApazfQsp0PBzq3Z6-gi6upjEZ68ybGUxsypN8pZtKK9ZSusKS0J3i_VijPo0OgIu6ArAXXNy9PQiaOjjgvG6Wp4VRXvxwurzhJN9VJd1XaAUSDG9A6g4WnsGeJRUF08N1YupKvXdF7Bhsa3_IBr4mPw6onJy4qXNXGTiJt72yIythR03IVQ9CO121D8D8KEoAn9Na71uipx8Ty5DKJ7Xk-XWb89HLUz30Ym_Cyk8Tcn3lEKMrYYglIiqw29lwgN8le_vjY7ZwTVvMhRcihWyD4xVCrxOWRDZIo3Nr5kx05UQxA62DcOOBp-14OVaF8ipwa3WrpGKnF8zgczdLZqpCV-Y-40E-2bpemMTUaOfapwVh33De-PnE3ktCdwe8eTS3bHVBX5CXmJci7zAnr4JwieIraZly4FcNNA-eLD_h36G5xM5fjohaIilKEt3X0M7-65y7x1AQtKxbIs_8aPm-gpGdf1BBSTwTbKwjrmsIG9wWVHQ7mGk3bHPAt_OD4V8XYH21TCmUEM-0ibRWtjE66fGgr0MzpflTokI-QdqAwpLbiE9gqgH5wEO8G3GtgSECi71H2O3gqsuB8YNIHorwHd7XHSQeQTVO2SgmakPlROi-7FtRd7NjbUw5yMPXcx8NdBgu9VuKI_q4lUUKmaSHPIA0sAr6WvOPIANydXT91wz4tyE5UVD96AyQol6hmke28SLel721VNSHKyacoG_NzEvk-FNhO699fq-vjQj9jahF0VbpbVf3IP3vh3KHzoecshkPCvAnwQsD1kDpCeuVO0bjAFNEvf56Dx--WtUjjuOh6eCwg1Ah_JCEitgdEz36WHV3PBUv-XX_wAk777Gx6HflwM2CzUAGsKGUTcB-E6gDHu-XvPXf-wIlW_GiKzuySb5IJySWWwaM8AFsC8Pe78nXMR-_YZCpxfpIhAMpiMVvTXE9pyDrbs7oKMm5R6t-zzR2_sq9c7EKFKAqVkHNVjYWYnyK5Bpj0XczK8ajhoxImLwgr9RH4RL6adKLRuXeImlYkUqhHMcB-LP8OHmOhuj2lxDPhMA-8URmeBjYvb3zI2yZoOa7QZKYGCzlS8ov0r12CxQqJnFAvXSnBTqy7pDSDP4w1mMThSdoMXUg_htY7a20UcuvPjDY1KHIUL1W8TuavFCu9mf7_JUmol7pPwM7BlQ055yQDnT1UKYP7jp2d4C8FDThaOHg8RiO78g0kUrWUiikuNd8P5pN-9o8CvM_6WO5j6X3xibe-BMWh-GxDedHjyretfYMyLBWRmv_V7bAqx9qD2MDmngHpX_fn6vVfOxEuPsTxJ99_roMXFuIT_i9RnceGlUIBBJPAMgJpo072az4MiHKcN1hBhhCQ1F5DoctLsUNJ6E1ZK2OBHIqi9NWvzXl7bWmBCJ3q3wrThLwZu4Jc6XnJVZcRUc3xqYeOFleiCi-J8OV_hgBYAE&bundleId=&ias_xappb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 033D 		91 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26da:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 28 Jul 2023 20:43:31 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
via
1.1 4a60bbb27ed6c12061c306cd2a16e4fc.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
10703911
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
93606
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
"1f3488247c90bb5de253d3d0cb3b7458"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
-tP88OotXkhUJufAsH6C8Ayk0RCbospr9M8m3b6yzXL5ukqzXXoFXA==
dt
dt.adsafeprotected.com/ Frame 5D15 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dac34ad0-e5e6-3395-24b1-953ea814f23e&tv=%7Bc:vnU0oj,pingTime:-3,time:29,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:29,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B24~0%5D,as:%5B24~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:12%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:75a0:bfc8:b85e:403 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
nginx
x-server-name
dt28.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5D15 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dac34ad0-e5e6-3395-24b1-953ea814f23e&tv=%7Bc:vnU0oj,pingTime:-6,time:29,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:29,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B24~0%5D,as:%5B24~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,rmeas:1,rend:0,renddet:IMG.us,siq:12%7D&tpiLookup=ao:x.gd*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:75a0:bfc8:b85e:403 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
nginx
x-server-name
dt29.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5D15 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dac34ad0-e5e6-3395-24b1-953ea814f23e&tv=%7Bc:vnU0ol,pingTime:-2,time:31,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:213,beZ:214,mfA:216,cmA:217,inA:217,inZ:219,prA:220,prZ:222,si:225,poA:226,poZ:240,cmZ:240,mfZ:240,loA:243,loZ:244,ltA:245,ltZ:245%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:31,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B27~0%5D,as:%5B27~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,siq:12,sinceFw:18,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:75a0:bfc8:b85e:403 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
nginx
x-server-name
dt27.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7878 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
312201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 26 Nov 2023 03:18:40 GMT
expires
Mon, 25 Nov 2024 03:18:40 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 7878 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
9840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 15:18:01 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7878 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZ5jGmXxnZZ3iEsL3gAfM3rbwAgAAAAA4AeAEAg&bg=!tbaltvnNAAZxrfrxUa07ADQBe5WfOBKr9SrmNrNswBmLXTzF28IF-G6FLxrJXLjuh5CEqfhGQO63AfLMgQUSmOeFijbqAgAAAC1SAAAAAWgBB5kC6mIzhWB7GIjqgFgtHNXHI7QVHa_a_7b1bmtc9XracdBZENLsuHYXhKEYKmgAXtsNzLQALvbxVR80yRuw_YOB8bzGi5ymzTQILEN5bGcfEUQN5Sqlv3NuwxiWQSW0T3JRTuOfPgnekNNhaiwlSDRFn0RYBLuoBaEw8a5utgkgK5uoPI6pmGqmSrb4Rie80SymWRGb_skajHlDrdOu71Y6pYK46BdFp--KhBfk_Zgpkt1j0LIlmoaZW7ms6YJtWevtMsBf65RkL46tw7jGvlwv6tBtZuBTcMKbFjWqy6tv16_NouO5q-fmr7H-SMVZCcPXntCHz5PxiEFfXL5B1pBOLV30i2zTv5ZGkP_s2yBOJ1Ns1RYhrRjmWYVfvS4lfyiJ1WMVoQ56AtYZoPA2wpQs_A2rPEsojqfFs05vWJVfdaJ3OYs4YU-4lzyeZjqfieSwfQq1FGBqUm5teFTjACIvinXAgOY3mMUG4wuUqACO7sEODaief4WZxkdsWYOj-J9_BVbvgKwE8yYc__kaJPLgd9kGFzkDe5w3rJDcNhMdZ2hlZf160DeZr5ZvUHMrZ4V2clt3vJTbei89ezWaNFWBkk0eyx1oJ2m74GPIFc-GVlRj2kA0BbrrKKqUBZVmzLw9TrAG_ez7JjWs8jQmseqt5ljQG5QusEkinAah1WKMPoKQMwrGXDjhfY1R2qZN3qXRcIqJ8bbjSiph_oBMFGmV7SCPsKlZicHfd06bbbgnh6JONT0vAroa7bMhQTlnPeQ0QanKo6OFereSJr7FUSdDG58IFEN_-rLaam-OPOcObKvHqVljFhkcZWN205Yl3H3fu1zbkfO_EoXZxUX2Z71nBLRo4tB29k4UHXt4v-dmIncR_tICpaTL_KDI-BevDm4khrqAXRLEMqzNjoJrpSQ4yyciS5PwUpDEcU1621vgJ84fDRqx56QyziP53WMI58m7UQD0harKDwiCMlG9iMH9Ua6ndxYVC3NrYZLl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 5D15 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41510
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 30 Nov 2023 06:30:11 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5D15 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103299/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvtaTUAsx8VNnWEoS1yg3zdA8NofVHoeoqIBxs1MF66460B4SOMTXUSTFsEMqgG1j0IJQ80_QuzVIDLwgxSahgBNsssnYihziDnQ38SyRUAoCZ_4GSpQ4m-hvMaAZakG8oF-Rab1wk9E-1kE40-Is9K1HYwmAPfKpQGr0ycj1GBsxqAc-WcU7ualDV_yci5repejFkBeE_fcVb3RckBk_neuugC2e0UCqoTeBsepPRL4tnEZi4Eu8XPnfr42-0oeb_r0VqKXQSLGwjx4_czIOrqyXBgtKf0haSjfkRzZY_8vObvwVe-gxPNNcs1sKngAd-uwzqDdXmGZzv7h7W1g1XaQwaFA_s4EtEOZDSohV6g_z1_XkEaD0H86nmhXdXvslvmy3ZXIeeknMzx1Say9w5F5MSpOQK1dAMmlNPZ_-xKWb6IJq_c5XNB5Dju-yYTMjY-hSPOl_ub0HzYW7iHtQt91cIl_vAKHoM_5ZfQWm16vwXeK8a6SuM3tjvRNsa6ixUxY95kXDn6PJ3ZSN8AFT3pZJtmY4Es8deGAiRgjpNZBohsSPkUnar3jD5X2lLhH6dsm9a7moqi15xSvDHfXnTPMD9w4k7WVbo1Ypyk8rwcuQ676ID-45TeQF51YLcHexQr2y-Yj4lzv0OdjWVcgDUkGQek1NhpoReggDVu5tJF2LJdOMjJVymt6_PQInw2dkO3WPp3ETwJowViKDIGXSJ5yujgIQb2W2-zsHo-oTdGB1A_KcPZ9cERPiRawfOLV0gW9FxwukCEOtLKlf5xZImY-yZC8nyUfZ2nIf9VEuFAaRogYKP6i_Wem515ZVJfNVmw91Gz7OfNaks6IOLZCVu11_zcpUnPidxlI6Paovm94nSUEJlcRduMh3JOVDZx64L-P5pnQBQxZlmwSslZuRT1xhGCCeJPoGIxS6alZWb1niDYdt9cXIy3pcAZyYE_Yp0Kve3rL7PU7AUHWS0kTftHC9ChTdVFqLOvOM9QxT1sWI2SCkBR9pYsjp0kOBle4RaCTiaqIqv5RQb0NDVrbdaB0mCGL8w5aL0arwgJng2jofv9W7YMIEGPR7y2YDM8a4ny2wbEV2XPC9offlNHlMY6vg3jkp7bdWwkd_VusMhZdVJxpbbpBj8e9PDTtFnfD4XRgPSUOYOGqWlebeXRIEwtqHPa1u9YWcfwD_6LTs587fXusTJzCBtq4La3OK3Co32sfCIKXhecYZOxfEoi-SGMJthV7pKGz8UPAoKD8vewZdflh3K-nQH7itl4IMk_lQsJu7Ojq-CR96WGGAQr1_q9dBmoaxLg42qiNY5XO_HPXhGpUhYxuhD3l0p_qALZB-bvkRgQGtoiTHJrZNrzyK_hOm-QT0SIW2KdxLtCOslTVZ1ErvNzF-d32k20xJ6aJUyo9MfuT5nXLDYnmTYy9sY9DkyAhNUD4wq7cG-uXMBYM_b00Nt2upIpeisQwMax4JgFxqTp9JIjtUZ8aD7fQsHNjbsluz18w0DhbMf1NQ7WcwcOPPfMWDxVvowf9o4SujrQITI9mYeI8X9VDg7IDUHb9y4ixwJtgzRV6U0o-6vo5jw7IG_5DUSgWwbW-pYFz83hVsY90GUjTfGSSqytQhIOYvp5e_cjiyXLYH4yboPUb4kfLmAYf5XyJXxk8f4M0no7Ox7rgiptPhu8cu7yS3UHiunwW2wx9SIEzYcJP9TfYpOBmmn5dVRMwOYgg-y6kv7xEG6OAfQ2V5iA3EJ8hiJq-YB-d4SpAbUwfuEa36oF0gwzQ7jYD10_EDGKRaNxSXiwnaN8r_kM6z74aS7e0av7ZlWLCp3eUQcia0qhowMIwaoMOB3a2mF5nbtRlOx9i2iqm-vWnAmWQV5ujiWZ_Eav2QUnsT83VfSeanjXpUQkLJhTtxGY7nNAFbewottqnhWDngXbVV6nj2oe0AabMmiBIM6zeh7_JbtCGsMArmKjH5_fM5p53TOPL9AhJZ_Sb86a1IHekRu_xPohV5uftPGLd-dXkhRBLhFCSMDYSAw2KishnPIuJT8l2RLdJzPR-prg2h9Y8fBTPOu4sNosjgvVYcGjgrhA13ag9u0mdZqAP8Dp161Zf4zr1nJmYO8RoNuGjAyW6tPgXOerfErYjYdflIRukolPoXi5GI921o28mlMUo4Vi5XbPanV3CpWAwhmYOz_1yXxriZh0VPM49G5aQYioooRSIKdAkppas-XpVTmqTIS0ItXaGspmYMNDBWAQGJPYMqf855SvS8Xsrx3EUfXi_wF3nrxM08mcoT5DP3jU0I2MJTWDy8s34IbOORxGB12CtS5HNIuPeVeO7ugfSIBHWaAYF5T3F5dclYQj3D4lkySOv_0T_RbnQGexuPgSzDLAcyGCKG6w_hXKP39ng0ot70hN6EOTncrbRqC--fjDPFGPzkG86m4JeLW5vqqAETIrOSRAIHC9p_27KGMApazfQsp0PBzq3Z6-gi6upjEZ68ybGUxsypN8pZtKK9ZSusKS0J3i_VijPo0OgIu6ArAXXNy9PQiaOjjgvG6Wp4VRXvxwurzhJN9VJd1XaAUSDG9A6g4WnsGeJRUF08N1YupKvXdF7Bhsa3_IBr4mPw6onJy4qXNXGTiJt72yIythR03IVQ9CO121D8D8KEoAn9Na71uipx8Ty5DKJ7Xk-XWb89HLUz30Ym_Cyk8Tcn3lEKMrYYglIiqw29lwgN8le_vjY7ZwTVvMhRcihWyD4xVCrxOWRDZIo3Nr5kx05UQxA62DcOOBp-14OVaF8ipwa3WrpGKnF8zgczdLZqpCV-Y-40E-2bpemMTUaOfapwVh33De-PnE3ktCdwe8eTS3bHVBX5CXmJci7zAnr4JwieIraZly4FcNNA-eLD_h36G5xM5fjohaIilKEt3X0M7-65y7x1AQtKxbIs_8aPm-gpGdf1BBSTwTbKwjrmsIG9wWVHQ7mGk3bHPAt_OD4V8XYH21TCmUEM-0ibRWtjE66fGgr0MzpflTokI-QdqAwpLbiE9gqgH5wEO8G3GtgSECi71H2O3gqsuB8YNIHorwHd7XHSQeQTVO2SgmakPlROi-7FtRd7NjbUw5yMPXcx8NdBgu9VuKI_q4lUUKmaSHPIA0sAr6WvOPIANydXT91wz4tyE5UVD96AyQol6hmke28SLel721VNSHKyacoG_NzEvk-FNhO699fq-vjQj9jahF0VbpbVf3IP3vh3KHzoecshkPCvAnwQsD1kDpCeuVO0bjAFNEvf56Dx--WtUjjuOh6eCwg1Ah_JCEitgdEz36WHV3PBUv-XX_wAk777Gx6HflwM2CzUAGsKGUTcB-E6gDHu-XvPXf-wIlW_GiKzuySb5IJySWWwaM8AFsC8Pe78nXMR-_YZCpxfpIhAMpiMVvTXE9pyDrbs7oKMm5R6t-zzR2_sq9c7EKFKAqVkHNVjYWYnyK5Bpj0XczK8ajhoxImLwgr9RH4RL6adKLRuXeImlYkUqhHMcB-LP8OHmOhuj2lxDPhMA-8URmeBjYvb3zI2yZoOa7QZKYGCzlS8ov0r12CxQqJnFAvXSnBTqy7pDSDP4w1mMThSdoMXUg_htY7a20UcuvPjDY1KHIUL1W8TuavFCu9mf7_JUmol7pPwM7BlQ055yQDnT1UKYP7jp2d4C8FDThaOHg8RiO78g0kUrWUiikuNd8P5pN-9o8CvM_6WO5j6X3xibe-BMWh-GxDedHjyretfYMyLBWRmv_V7bAqx9qD2MDmngHpX_fn6vVfOxEuPsTxJ99_roMXFuIT_i9RnceGlUIBBJPAMgJpo072az4MiHKcN1hBhhCQ1F5DoctLsUNJ6E1ZK2OBHIqi9NWvzXl7bWmBCJ3q3wrThLwZu4Jc6XnJVZcRUc3xqYeOFleiCi-J8OV_hgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20118616986&bidurl=https://x.gd/view/unsafe/uKjYZ&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i3d6y5PcKCjO_T8dNcWhSf&adsafe_url=https%3A%2F%2Fx.gd&adsafe_type=y&adsafe_url=https%3A%2F%2Fx.gd%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2737572314184878%26fa%3D1%26ifi%3D3%26uci%3Da!3&adsafe_type=d&adsafe_jsinfo=,id:dac34ad0-e5e6-3395-24b1-953ea814f23e,c:vnU0o2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-st985,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:6541c98a-8ee1-11ee-a5fc-4a5f7e44f247,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 02:35:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
55620
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 02:35:01 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5D15 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1474271/76103299/xbbe/creative/adj?p=APEucNWXGRCsI5qLZ9x1t9Q0wdOybhwwla5aY2SkcSu9uJeH22qP_aU&d=CokBAKAmf-DDwIrvsJ_WBixFBRnSJ3THDo6WqU2AGBONies1e-b8p1oqZ_6f7GMNk_xl8zgInloeOZyt3y4vPMvtaTUAsx8VNnWEoS1yg3zdA8NofVHoeoqIBxs1MF66460B4SOMTXUSTFsEMqgG1j0IJQ80_QuzVIDLwgxSahgBNsssnYihziDnQ38SyRUAoCZ_4GSpQ4m-hvMaAZakG8oF-Rab1wk9E-1kE40-Is9K1HYwmAPfKpQGr0ycj1GBsxqAc-WcU7ualDV_yci5repejFkBeE_fcVb3RckBk_neuugC2e0UCqoTeBsepPRL4tnEZi4Eu8XPnfr42-0oeb_r0VqKXQSLGwjx4_czIOrqyXBgtKf0haSjfkRzZY_8vObvwVe-gxPNNcs1sKngAd-uwzqDdXmGZzv7h7W1g1XaQwaFA_s4EtEOZDSohV6g_z1_XkEaD0H86nmhXdXvslvmy3ZXIeeknMzx1Say9w5F5MSpOQK1dAMmlNPZ_-xKWb6IJq_c5XNB5Dju-yYTMjY-hSPOl_ub0HzYW7iHtQt91cIl_vAKHoM_5ZfQWm16vwXeK8a6SuM3tjvRNsa6ixUxY95kXDn6PJ3ZSN8AFT3pZJtmY4Es8deGAiRgjpNZBohsSPkUnar3jD5X2lLhH6dsm9a7moqi15xSvDHfXnTPMD9w4k7WVbo1Ypyk8rwcuQ676ID-45TeQF51YLcHexQr2y-Yj4lzv0OdjWVcgDUkGQek1NhpoReggDVu5tJF2LJdOMjJVymt6_PQInw2dkO3WPp3ETwJowViKDIGXSJ5yujgIQb2W2-zsHo-oTdGB1A_KcPZ9cERPiRawfOLV0gW9FxwukCEOtLKlf5xZImY-yZC8nyUfZ2nIf9VEuFAaRogYKP6i_Wem515ZVJfNVmw91Gz7OfNaks6IOLZCVu11_zcpUnPidxlI6Paovm94nSUEJlcRduMh3JOVDZx64L-P5pnQBQxZlmwSslZuRT1xhGCCeJPoGIxS6alZWb1niDYdt9cXIy3pcAZyYE_Yp0Kve3rL7PU7AUHWS0kTftHC9ChTdVFqLOvOM9QxT1sWI2SCkBR9pYsjp0kOBle4RaCTiaqIqv5RQb0NDVrbdaB0mCGL8w5aL0arwgJng2jofv9W7YMIEGPR7y2YDM8a4ny2wbEV2XPC9offlNHlMY6vg3jkp7bdWwkd_VusMhZdVJxpbbpBj8e9PDTtFnfD4XRgPSUOYOGqWlebeXRIEwtqHPa1u9YWcfwD_6LTs587fXusTJzCBtq4La3OK3Co32sfCIKXhecYZOxfEoi-SGMJthV7pKGz8UPAoKD8vewZdflh3K-nQH7itl4IMk_lQsJu7Ojq-CR96WGGAQr1_q9dBmoaxLg42qiNY5XO_HPXhGpUhYxuhD3l0p_qALZB-bvkRgQGtoiTHJrZNrzyK_hOm-QT0SIW2KdxLtCOslTVZ1ErvNzF-d32k20xJ6aJUyo9MfuT5nXLDYnmTYy9sY9DkyAhNUD4wq7cG-uXMBYM_b00Nt2upIpeisQwMax4JgFxqTp9JIjtUZ8aD7fQsHNjbsluz18w0DhbMf1NQ7WcwcOPPfMWDxVvowf9o4SujrQITI9mYeI8X9VDg7IDUHb9y4ixwJtgzRV6U0o-6vo5jw7IG_5DUSgWwbW-pYFz83hVsY90GUjTfGSSqytQhIOYvp5e_cjiyXLYH4yboPUb4kfLmAYf5XyJXxk8f4M0no7Ox7rgiptPhu8cu7yS3UHiunwW2wx9SIEzYcJP9TfYpOBmmn5dVRMwOYgg-y6kv7xEG6OAfQ2V5iA3EJ8hiJq-YB-d4SpAbUwfuEa36oF0gwzQ7jYD10_EDGKRaNxSXiwnaN8r_kM6z74aS7e0av7ZlWLCp3eUQcia0qhowMIwaoMOB3a2mF5nbtRlOx9i2iqm-vWnAmWQV5ujiWZ_Eav2QUnsT83VfSeanjXpUQkLJhTtxGY7nNAFbewottqnhWDngXbVV6nj2oe0AabMmiBIM6zeh7_JbtCGsMArmKjH5_fM5p53TOPL9AhJZ_Sb86a1IHekRu_xPohV5uftPGLd-dXkhRBLhFCSMDYSAw2KishnPIuJT8l2RLdJzPR-prg2h9Y8fBTPOu4sNosjgvVYcGjgrhA13ag9u0mdZqAP8Dp161Zf4zr1nJmYO8RoNuGjAyW6tPgXOerfErYjYdflIRukolPoXi5GI921o28mlMUo4Vi5XbPanV3CpWAwhmYOz_1yXxriZh0VPM49G5aQYioooRSIKdAkppas-XpVTmqTIS0ItXaGspmYMNDBWAQGJPYMqf855SvS8Xsrx3EUfXi_wF3nrxM08mcoT5DP3jU0I2MJTWDy8s34IbOORxGB12CtS5HNIuPeVeO7ugfSIBHWaAYF5T3F5dclYQj3D4lkySOv_0T_RbnQGexuPgSzDLAcyGCKG6w_hXKP39ng0ot70hN6EOTncrbRqC--fjDPFGPzkG86m4JeLW5vqqAETIrOSRAIHC9p_27KGMApazfQsp0PBzq3Z6-gi6upjEZ68ybGUxsypN8pZtKK9ZSusKS0J3i_VijPo0OgIu6ArAXXNy9PQiaOjjgvG6Wp4VRXvxwurzhJN9VJd1XaAUSDG9A6g4WnsGeJRUF08N1YupKvXdF7Bhsa3_IBr4mPw6onJy4qXNXGTiJt72yIythR03IVQ9CO121D8D8KEoAn9Na71uipx8Ty5DKJ7Xk-XWb89HLUz30Ym_Cyk8Tcn3lEKMrYYglIiqw29lwgN8le_vjY7ZwTVvMhRcihWyD4xVCrxOWRDZIo3Nr5kx05UQxA62DcOOBp-14OVaF8ipwa3WrpGKnF8zgczdLZqpCV-Y-40E-2bpemMTUaOfapwVh33De-PnE3ktCdwe8eTS3bHVBX5CXmJci7zAnr4JwieIraZly4FcNNA-eLD_h36G5xM5fjohaIilKEt3X0M7-65y7x1AQtKxbIs_8aPm-gpGdf1BBSTwTbKwjrmsIG9wWVHQ7mGk3bHPAt_OD4V8XYH21TCmUEM-0ibRWtjE66fGgr0MzpflTokI-QdqAwpLbiE9gqgH5wEO8G3GtgSECi71H2O3gqsuB8YNIHorwHd7XHSQeQTVO2SgmakPlROi-7FtRd7NjbUw5yMPXcx8NdBgu9VuKI_q4lUUKmaSHPIA0sAr6WvOPIANydXT91wz4tyE5UVD96AyQol6hmke28SLel721VNSHKyacoG_NzEvk-FNhO699fq-vjQj9jahF0VbpbVf3IP3vh3KHzoecshkPCvAnwQsD1kDpCeuVO0bjAFNEvf56Dx--WtUjjuOh6eCwg1Ah_JCEitgdEz36WHV3PBUv-XX_wAk777Gx6HflwM2CzUAGsKGUTcB-E6gDHu-XvPXf-wIlW_GiKzuySb5IJySWWwaM8AFsC8Pe78nXMR-_YZCpxfpIhAMpiMVvTXE9pyDrbs7oKMm5R6t-zzR2_sq9c7EKFKAqVkHNVjYWYnyK5Bpj0XczK8ajhoxImLwgr9RH4RL6adKLRuXeImlYkUqhHMcB-LP8OHmOhuj2lxDPhMA-8URmeBjYvb3zI2yZoOa7QZKYGCzlS8ov0r12CxQqJnFAvXSnBTqy7pDSDP4w1mMThSdoMXUg_htY7a20UcuvPjDY1KHIUL1W8TuavFCu9mf7_JUmol7pPwM7BlQ055yQDnT1UKYP7jp2d4C8FDThaOHg8RiO78g0kUrWUiikuNd8P5pN-9o8CvM_6WO5j6X3xibe-BMWh-GxDedHjyretfYMyLBWRmv_V7bAqx9qD2MDmngHpX_fn6vVfOxEuPsTxJ99_roMXFuIT_i9RnceGlUIBBJPAMgJpo072az4MiHKcN1hBhhCQ1F5DoctLsUNJ6E1ZK2OBHIqi9NWvzXl7bWmBCJ3q3wrThLwZu4Jc6XnJVZcRUc3xqYeOFleiCi-J8OV_hgBYAE&bundleId=&ias_dspID=3&ias_campId=1012200182&ias_pubId=pub-2737572314184878&ias_chanId=1&ias_placementId=20118616986&bidurl=https://x.gd/view/unsafe/uKjYZ&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0i3d6y5PcKCjO_T8dNcWhSf&adsafe_url=https%3A%2F%2Fx.gd&adsafe_type=y&adsafe_url=https%3A%2F%2Fx.gd%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271801%26client%3Dca-pub-2737572314184878%26fa%3D1%26ifi%3D3%26uci%3Da!3&adsafe_type=d&adsafe_jsinfo=,id:dac34ad0-e5e6-3395-24b1-953ea814f23e,c:vnU0o2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-66f6d74bff-st985,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:2,mot:0,app:0,maw:0,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:12,oid:6541c98a-8ee1-11ee-a5fc-4a5f7e44f247,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:49:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
47532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 04:49:49 GMT
truncated
/ Frame 5D15 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42b3e02588c2279fd80c22da95e042067bfd58a4c39ef521413679fcf20d19fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/ Frame C5A1 		253 KB
163 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce6ffd9385e6ad26e64ae1ce4c80a459ec27056878301c6b941c10f43b58e742
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
565039
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
166404
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 05:04:42 GMT
expires
Fri, 22 Nov 2024 05:04:42 GMT
last-modified
Fri, 05 May 2023 12:39:01 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
ad.doubleclick.net/pcs/ Frame 5D15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsv3DF0ZjOs0ipGk8zgd_-WtP2pZb8VZnAxvHr_WCjDqdNvTaWCa4KaFkd6KCFk6ir130Yntru6UyQd3KwpZckmGiEmQDxoMo823RDnQ3l7t5TT7TYn_beD5o8FXKtUu0eM13n-HTb2E-a7HipDYfst8YcYSzG6jFPAvTVUU41uhQOzg50pzMSUqp6QPJxnMJqm7CujzAGaLtCxGeyQ&sai=AMfl-YSVaB7NPb7i2Y8HF8NRiAq2HNfZmjY7bO-yCC_ypndlGSLwtAF4xV7TW3veHZXya1gN5VwcWZzKYi258MCsQ45-h5WSYjRHgOLvmO93MdVekFJBOe-1OfJUX4K_fdizsHof5wnvnfcGGYO3-dKpLgL7gks&sig=Cg0ArKJSzIUj6tnY_UMGEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=51&cbvp=1&cstd=49&cisv=r20231109.58661&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame C5A1 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/ Frame C5A1 		71 KB
71 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
view
ad.doubleclick.net/pcs/ Frame 5D15 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsv3DF0ZjOs0ipGk8zgd_-WtP2pZb8VZnAxvHr_WCjDqdNvTaWCa4KaFkd6KCFk6ir130Yntru6UyQd3KwpZckmGiEmQDxoMo823RDnQ3l7t5TT7TYn_beD5o8FXKtUu0eM13n-HTb2E-a7HipDYfst8YcYSzG6jFPAvTVUU41uhQOzg50pzMSUqp6QPJxnMJqm7CujzAGaLtCxGeyQ&sai=AMfl-YSVaB7NPb7i2Y8HF8NRiAq2HNfZmjY7bO-yCC_ypndlGSLwtAF4xV7TW3veHZXya1gN5VwcWZzKYi258MCsQ45-h5WSYjRHgOLvmO93MdVekFJBOe-1OfJUX4K_fdizsHof5wnvnfcGGYO3-dKpLgL7gks&sig=Cg0ArKJSzIUj6tnY_UMGEAE&uach_m=%5BUACH%5D&cry=1&crd=aHR0cHM6Ly9jaXNjby5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=107&vt=11&dtpt=56&dett=3&cstd=49&cisv=r20231109.58661&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: x.gd
URL: https://x.gd/view/unsafe/uKjYZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
TI-SD-WAN-SASE-eBook.jpeg
s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/ Frame C5A1 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/TI-SD-WAN-SASE-eBook.jpeg?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5466a707c7ff62c2a9b99f70ea18b2a8a4a3770ba84a8b76fa19985b310599bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 05:01:52 GMT
x-content-type-options
nosniff
age
478809
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10391
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 05:01:52 GMT
LogoLockup_Vert_RGB_Midnight.png
s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/ Frame C5A1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/LogoLockup_Vert_RGB_Midnight.png?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26aac5d5d23042d6be1ff609d56d7088d6412199b5d1656adbbd4450a7cbc8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:04:42 GMT
x-content-type-options
nosniff
age
565039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2354
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 05:04:42 GMT
dt
dt.adsafeprotected.com/ Frame 5D15 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dac34ad0-e5e6-3395-24b1-953ea814f23e&tv=%7Bc:vnU0tw,pingTime:-10,time:352,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE5OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701280921717%7C%7Cb904bec903cfd144d81ecddd611d30f7%7C%7C9d9fcb00733e98b40e93b73c4ea99695%7C%7Cb503671d4e822ec31545f186fde49d46%7C%7C497713ab5c1af496fd6f24c95b3f6ae4%7C%7Cc2a8fa14343cfcc92743af05c7c25510%7C%7C53f8aa775254a85d294aaca65548b938%7C%7Cc02fb1fea03d86fb1e8c7f15d51c3f19%7C%7C1663701684%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:75a0:bfc8:b85e:403 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
nginx
x-server-name
dt30.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
LogoLockup_Vert_RGB_Midnight.png
s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/ Frame C5A1 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/LogoLockup_Vert_RGB_Midnight.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
26aac5d5d23042d6be1ff609d56d7088d6412199b5d1656adbbd4450a7cbc8ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 05:04:42 GMT
x-content-type-options
nosniff
age
565039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2354
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 22 Nov 2024 05:04:42 GMT
TI-SD-WAN-SASE-eBook.jpeg
s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/ Frame C5A1 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/TI-SD-WAN-SASE-eBook.jpeg?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5466a707c7ff62c2a9b99f70ea18b2a8a4a3770ba84a8b76fa19985b310599bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/10059731364915184130/EMEA-DEU_XA-09_0_728x90_BAN-A_HTML5_TOFU-no-Networking-SDWANSASEeBookv1_0_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 05:01:52 GMT
x-content-type-options
nosniff
age
478809
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10391
x-xss-protection
0
last-modified
Fri, 05 May 2023 12:39:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 05:01:52 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2737572314184878&plah=x.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d229bbd7fa550b09557a654fccbf0b0c75512085a9521ad147592fa2bc005e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12296
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 5D15 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dac34ad0-e5e6-3395-24b1-953ea814f23e&tv=%7Bc:vnU0wL,time:553,type:e,im:%7Bpci:%7Btdr:517%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:553,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B548~0%5D,as:%5B548~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:171,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:75a0:bfc8:b85e:403 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:01 GMT
server
nginx
x-server-name
dt30.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2737572314184878&plah=x.gd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 18:02:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 144C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://x.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
18393
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 12:55:28 GMT
expires
Thu, 28 Nov 2024 12:55:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 480B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fbfb0374024b9200648edd21a00a15c01ec1febb2dce0fd4df04e520b5393c4e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zKGs7tl0I4gjrNCLb325kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://x.gd/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-zKGs7tl0I4gjrNCLb325kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 18:02:02 GMT
expires
Wed, 29 Nov 2023 18:02:02 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 144C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:18:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
9840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 15:18:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 480B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3470962893984195&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 144C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?82TPvw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 18:02:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3470962893984195&bg=!cnGlcT7NAAZxrfrxUa07ADQBe5WfODvBgwq_eCRUtR4qbrzLumLekekppaZnxjDsOlcnKJ_aNAk7_fLdMfPGVRKgABIvAgAAAEBSAAAAAmgBBwoAOS_tKfj235VdcvlHUYQbCWnC29qJUAqWeHJOpItAr7jdHQV9GaqYUc9uJs8DxqYWgIu0jkZBSKBfnpkCouG0_ebehq2NkGoD4u7OTNV7OgOFfRqxetCiGoR5J4cCJ13simOIKcpQRtYvbRWDJo_tbjgB5RTuWVUORSZ9KWzDWRtA1gEFiUnMOf7dKmA0Z533NdyTci8khb5IkPI7BAtBy3QaeNJjvnskhW7rSiTjXy9pIjMPOGCBiuuvw51IjGL5kJWoflDeXgcwZFn4ROAMnLRwYig2k7KMuVWhnpsHJurKdJxpligMwobCYytYXoYHopllyj_sBVJQxP2prCS160rj_UF3-WV6aiRDssIHnbPNF07cC52oaR8CFGZxSOZzgwANZHL4QX9-DyDm4nkPNLFWIoQd2B_f4_cbPMmEHWlco3kCGysa-DoAjK9o75LxNC8t4xe0MYhWZXkYm35yS5Nyqi4VfIfhjIflEIVXCZe8Mhq-D_0wEOzmpG2eFl-1IKLJf5dy0GIqDW344wn74vSY_o8DD4k0x_m3qA5Qm1BrsGNGYju9oNWx6AVNhtdN1LtBklcjw8TrqfSLwg-sxrZHFAVnTjINm7914iNci22uZ_KxGJHLptg08uFbTNjWV5VDpz2Q2ke1RruHteoY49kN30c9w726VqIxtdvpiRAiWKXV_LWCcWUoPAqKHcb7cnis_gt08PZGAPe8zMwtjuVyrMT32V8ti4K9flILOFsltMgwVn8l7G3uJrDOwOqg_DslX7IxCZbisIw8AF83vL0ylbI4XbEIflJ7CluxGlPu4c-e4UhLv8ymVYgpu19s9jnMp5IQ--EdftG7ksyX5CKwdkmIeQ2iqKUklQ9RYBOX_MzmrTf89Vfi23grsgCuBlJFEaGfzyamGz6yiAAJLLv7FdX4hVPbMpOfmUJv4kxjpomL15yo5mtNPbdeQwDFEFli8rNRI8FN5fS69lQf
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 5D15 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTqH-mFXc8YpSHZW8l3JGCy7bUFQ8tJ-2NDLtqrFITwErZr7U-cnYgnrT60BI14uIqK_VnqN2JcG1DFo9YA6VEH6bdogWm-ljPhPx3CU__kGqgw1ESlTilcrABhYYxNdqgv3WhquWUvb-u&sai=AMfl-YQLZkF_OdMnRpP7ojArUrMaIYe9Gjd7lZjsBLFAjDYoSQCZJHHQhHY-kvJ2G-Rqaey1_3e3EbMRSFkd7bZBIxfce4dvf9dkiuV-eR71DJ9w6-yM5DcxD2kvpHeZvkIdPaADdG3v9rpdn_-GO1TTqnAu55KhEmiqhixS&sig=Cg0ArKJSzE1FLdeYJNV7EAE&cid=CAQSTwDICaaNO9ms-DIhynDdYQYYQkNReQ6HLS7FDSehNWStjgRyKovTVr815e21pgQid6t8K04S8GbuCXOl5yVWXEVHN8amHjhZXogovifDlf4YAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=423,918,1000,1000,1000&tos=423,495,82,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701280921153&rpt=434&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5D15 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1475734172182&version=m202309260101&ct=76&x=1&cor=14992701802692067000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 5D15 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dac34ad0-e5e6-3395-24b1-953ea814f23e&tv=%7Bc:vnU0QW,pingTime:1,time:1804,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:804%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1000,o:804,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B799~0%5D,as:%5B799~728.90%5D%7D%7D,%7Bsl:i,t:804,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:163,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:75a0:bfc8:b85e:403 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:03 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 5D15 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1474271&asId=dac34ad0-e5e6-3395-24b1-953ea814f23e&tv=%7Bc:vnU0QX,pingTime:1,time:1805,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:12%7D,%7Bpiv:100,vs:i,r:,t:804%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:804,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:11,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B799~0%5D,as:%5B799~728.90%5D%7D%7D,%7Bsl:i,t:804,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:163,fm:tX1vmQK+11%7C12%7C13%7C1411%7C15*.1474271-76103299%7C151,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:12,sis:207%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7780:75a0:bfc8:b85e:403 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:03 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K53RX1V2LY&gtm=45je3b81v9102618407&_p=1701280919994&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=22935211.1701280920&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701280919&sct=1&seg=1&dl=https%3A%2F%2Fx.gd%2Fview%2Funsafe%2FuKjYZ&dt=URL%E7%9F%AD%E7%B8%AE%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9%20X.gd&en=page_view&_ee=1&_et=2&tfd=8647
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K53RX1V2LY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://x.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 18:02:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://x.gd
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| adsbygoogle boolean| __abg_called object| __NUXT__ object| google_tag_manager object| google_tag_data object| dataLayer object| webpackJsonp function| _0x283bb5 function| _0x2831cf function| _0x51c973 function| _0x1dd6c8 function| _0x4df6e6 function| _0x1712 function| _0x1a47 function| _0x54d5eb function| installComponents object| __core-js_shared__ object| core object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| $nuxt function| ga object| gaplugins boolean| ga-disable-UA-154998386-2 object| gaData object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

15 Cookies

Domain/Path Name / Value
.x.gd/ Name: cf_clearance
Value: WxNpPKym_N_3Vo6cFXQyWUMi8PFhL9UdinEod.umE8s-1701280919-0-1-db317be7.25bb89ab.f52f60b4-0.2.1701280919
.x.gd/ Name: _ga_K53RX1V2LY
Value: GS1.1.1701280919.1.1.1701280920.0.0.0
x.gd/ Name: si
Value: 0quw0smm
.x.gd/ Name: _ga
Value: GA1.2.22935211.1701280920
.x.gd/ Name: _gid
Value: GA1.2.1956499033.1701280920
.x.gd/ Name: _gat
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmL_u4mUV3sNarYNK2eBECvzz35vQtJDKF2a833Uz5mVkGcvRTOkEnjE43C
.x.gd/ Name: __gads
Value: ID=c652a4fe80992ebb:T=1701280919:RT=1701280919:S=ALNI_MalsN-ULNTSFQdz4gqRLA6hp0XQtg
.x.gd/ Name: __gpi
Value: UID=00000ce1a85d2ecf:T=1701280919:RT=1701280919:S=ALNI_MZw289bP7qlCiFJuOr14rs8wzC4vQ
.adnxs.com/ Name: uuid2
Value: 1275746517682579558
.casalemedia.com/ Name: CMPS
Value: 2208
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVPj-d!9!]tbPl1M>e)ZlrFUfJ+tGXxo3EuhpLZ0k9xUv?MM:[Q]<IM?K)_/#WYJ)$aB3If)y3KL9D3I?+knypq!
.doubleclick.net/ Name: APC
Value: AfxxVi6vXfIGlWnf2LxPYEnrGJELoWGAabZzXvRO9Qp7FQUfWhgtjw
.casalemedia.com/ Name: CMID
Value: ZWd8mf7HjmhBkNhuO1fuGgAA
.casalemedia.com/ Name: CMPRO
Value: 2182

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
bid.g.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
polyfill.io
region1.google-analytics.com
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.gd
104.18.36.155
104.21.46.170
142.250.186.66
172.217.16.134
2001:4860:4802:32::36
2600:1f13:800:7780:75a0:bfc8:b85e:403
2600:9000:26da:7200:8:48e:53c0:93a1
2a00:1450:4001:800::2004
2a00:1450:4001:806::2006
2a00:1450:4001:809::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a04:4e42:a00::282
37.252.171.52
52.49.14.41
74.125.71.157
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01f76a823cd73d314556ab9c13e4c5d5ece4bd0f94d5afbd9508eb3522ebca33
0565ce80b934cf874c4ce5dfcdf4295511e7d5f7507c57fa0d364e353aac983f
05fa2934bb8c4048d332c09b7fa8a5e1a21e7513f3244edbc857013d41792212
0a9ff32d85258ef227ddc9a6763db635f084caaaaded2d4b28bb98ea0b1253c9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9f3f599c8c620303e3ecb3ef4efc57020d6abfde96b1863afee551fcd5d430
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0dfe1f9ce8410e9cd1eb921153319aa98dd53d12a6e4fb0efca81ab345bda814
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
24366c51064fc57cb419cc93db561f43bf3461affb1d04deb4d552a7e2ba4956
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
26aac5d5d23042d6be1ff609d56d7088d6412199b5d1656adbbd4450a7cbc8ee
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
336951503a0ffc84310fb5345be5eaa6f9d8a2bdfad0dae493cf3abce96b425f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39488b5646fd7a7ba52a4e1a67c4655730f91b93c6681524e4c581090fabb716
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42b3e02588c2279fd80c22da95e042067bfd58a4c39ef521413679fcf20d19fe
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6a5bb37520d3802bf344e433669d6f795ca3f003e7564e4ae82db7714429bd
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5466a707c7ff62c2a9b99f70ea18b2a8a4a3770ba84a8b76fa19985b310599bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563a21af7d066a5ed2d05357428e1b96508f9c9e23a39b560ab9fa8fe92f1591
5759795dd4000417cb6dcb3b64c51361e15f2086c92fd99cef21511c93466200
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
64c0ff2f925e91076418a0311a8cd0ecd1e1bae9f3111bad3ae02cb7140486e8
6cca8de99dc2e16724daf0ca031553ba846fcde067ad3c87bb4db805ef82af0a
75e47c62e574a0498bae1db99704c71c6747ff4bca699b88e02de9d030fef67f
7b7fc41884f9369db038e9beb5a7c7bf2d754a1032e3c67a9b5e5fbd530cad07
899af7118726b26033f0cfcd94aa35343a8855b928a40cadc16c1a0ce5419997
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
943e9b87328e617dc5dde0f272231be8ac51d8f3d54ae169b47b4b87093e03bb
9c90d4af4915ff3986649148829d4e4515d61e91b6a4471c9a2cf5c6849776b4
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a932604416230684537f03bc523f1b5da6b10b7ee5be83e8b451f0bd8a59acd0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b66a8d33ecd3c65f9f3823f4a95896be1cb7e6321d9b146f483a16048fd74ec0
ca355adae973f7a7a54ec975f265e2e45b531c170cd6c54a516130009c0bbe8d
ccce18dae18c1dcf433bb01f9e0ce5721e151b15ae2670bbbcc10eb39b03a9eb
ce6ffd9385e6ad26e64ae1ce4c80a459ec27056878301c6b941c10f43b58e742
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d229bbd7fa550b09557a654fccbf0b0c75512085a9521ad147592fa2bc005e5e
d3e3d91c1049ef2c6fe0a210bc08b1a8f094c41687ace751adf3e5135220fefa
d685bd99eb085d690ef8172287b1b7e5aac6a7d7a8712cdd1029319102f46c96
d68792895f86c25ba4927823a2bbc062460c49c85d30003fd4795c26becdc51b
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48df3857bfd7f796133deda147f01e73bd63b5b73457861c2d968c6c2e1378d
e8ed9cfdb3caea0b6f5cfa91df5aa6f1861e760115db0cc1901c90fb69069609
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f37fb29719b441eb569ded27a94e405544d3afc1d312167aeb6a3489f4962ae9
f9d63d94d11e65be863b3a754ace1b9f2fa71e5e874d7b0ad2ca3e9a831cf3fa
fbfb0374024b9200648edd21a00a15c01ec1febb2dce0fd4df04e520b5393c4e