cettest.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bankguide.net/comerica-bank-login/
Effective URL:
https://cettest.org/comerica-bank-login/
Submission: On December 05 via api (December 5th 2023, 3:07:27 pm UTC) from US — Scanned from DE

Summary HTTP 149 Redirects Links 31 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 24 domains to perform 149 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is cettest.org.
TLS certificate: Issued by E1 on November 14th 2023. Valid for: 3 months.

This is the only time cettest.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3035::ac43:a412	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::6815:3987	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a04:4e42:600... 2a04:4e42:600::347	54113 (FASTLY) (FASTLY)
10	139.45.240.92 139.45.240.92	57304 (RUBY-AS) (RUBY-AS)
19	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3 18	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
6	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
4	138.201.84.244 138.201.84.244	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.149 138.201.63.149	24940 (HETZNER-AS) (HETZNER-AS)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1	3.11.198.160 3.11.198.160	() ()
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	18.66.147.120 18.66.147.120	() ()
1	52.84.45.58 52.84.45.58	() ()
2	35.176.121.206 35.176.121.206	() ()
149	31

1 2606:4700:3035::ac43:a412 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bankguide.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3987 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bankguide.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cettest.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::347 (United States) 1 redirects

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.240.92 (Russian Federation)

ASN57304 (RUBY-AS, RU)

notix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.84.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.84.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.149 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.149.63.201.138.clients.your-server.de

hal90009.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.11.198.160 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.120 (None, )

ASN- ()

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.45.58 (None, )

ASN- ()

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.121.206 (None, )

ASN- ()

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	903 KB
25	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	200 KB
18	cettest.org cettest.org	131 KB
10	notix.io notix.io — Cisco Umbrella Rank: 17476	45 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal90009.redintelligence.net — Cisco Umbrella Rank: 205785	59 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	93 KB
6	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	319 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	307 KB
3	webgains.io analytics.webgains.io api.webgains.io	19 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	1013 B
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2189 www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 164531	6 KB
2	bankguide.net 2 redirects bankguide.net	1 KB
1	webgains.team cdn.track.production.webgains.team	447 B
1	webgains.com track.webgains.com	2 KB
1	futalis.de futalis.de — Cisco Umbrella Rank: 305788	401 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	w.org s.w.org — Cisco Umbrella Rank: 3043	679 B
1	statically.io 1 redirects cdn.statically.io — Cisco Umbrella Rank: 9096	305 B
149	24

	Domain	Requested by
29	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
19	pagead2.googlesyndication.com	cettest.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
18	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
18	cettest.org	cettest.org
10	notix.io	cettest.org notix.io
6	www.googleadservices.com	googleads.g.doubleclick.net cettest.org
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
4	hal90009.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90009.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal90009.redintelligence.net
4	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.gstatic.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net hal90009.redintelligence.net
4	www.googletagmanager.com	cettest.org www.googletagmanager.com adv.office-partner.de
3	pv.medialead.de	hal90009.redintelligence.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	5994599.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	cdn.retailads.net	1 redirects futalis.de
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	bankguide.net	2 redirects
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	googleads.g.doubleclick.net
1	futalis.de	hal90009.redintelligence.net
1	adv.office-partner.de	hal90009.redintelligence.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	s.w.org	cettest.org
1	cdn.statically.io	1 redirects
149	33

This site contains links to these domains. Also see Links.

Domain
hindi.cettest.org
webbanking.comerica.com
m.comerica.com
www.comerica.com
play.google.com
apps.apple.com
comerica.netxinvestor.com
www.myaccountaccess.com
cwc.comerica.com
comerica.com
cbc.comerica.com
comericaauth.innovestsystems.com
www.card-data.com
cctdonorfund.donorfirstx.com
www.facebook.com
x.com
telegram.me
api.whatsapp.com
akismet.com

Subject Issuer	Validity	Valid
cettest.org E1	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
notix.io R3	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2022-12-06` - `2024-01-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
redintelligence.net R3	`2023-10-10` - `2024-01-08`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.futalis.de R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G2	`2023-05-18` - `2024-05-17`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 27 frames:

Primary Page: https://cettest.org/comerica-bank-login/
Frame ID: 07688798B8BB16FA17A8252B06CE2926
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 3C8CD134B5102725C038E5F7E12202E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&adk=1812271804&adf=3025194257&lmt=1701436764&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842532&bpp=7&bdt=442&idt=370&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5316508558607&frm=20&pv=2&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=390
Frame ID: CC996A36C242435AF7487AC43A5DB94A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=3504406088&adf=995376434&pi=t.ma~as.2254100345&w=1200&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=1200x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842539&bpp=2&bdt=449&idt=387&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=391
Frame ID: FCCA0301EF86B784739EE8440DAB137B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400
Frame ID: 032E030CE03144D248A7B7FD235B5B8F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
Frame ID: 976612A656C2F36D86178E6FDD582882
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=2898655329&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842543&bpp=1&bdt=454&idt=444&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280%2C549x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=2974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=448
Frame ID: 68980BE5EE99621886B61E762983507E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0933DCD439341EFEC3359597C8049723
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW8qKpTBmWqUIyLsQ9jg7dcMlXclr4-TuSuxbCVW2XdfCypwQuy3oJGl50YRBI-tRvf55G78WQfAwkiKL-tWPvN9nm3XAaIIGlzslkP8NEUZ9IHrTW0i7bEHUFdxx2kD-Lyw_IOfN8dOeVfCVIM5dayMUmlVPD2aoSvkji60u414j1HLe0
Frame ID: 967BA95D3FF22EE2D34167B8117AFAD6
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B5CF03BAB1F7B2A7AC69931D1D98011E
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&adk=430837545&adf=2755680023&pi=t.aa~a.3039439558~i.31~rp.4&w=816&fwrn=4&fwrnh=100&lmt=1701436764&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1635201990&ad_type=text_image&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&pra=3&rh=200&rw=816&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788844214&bpp=1&bdt=2124&idt=1&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a4c756c012f505%3AT%3D1701788843%3ART%3D1701788843%3AS%3DALNI_MZFl5nP-tDkgeL3VM-MdQubyMqmcQ&gpic=UID%3D00000d0b24463e92%3AT%3D1701788843%3ART%3D1701788843%3AS%3DALNI_MYiydFmTAFivVFjN1M95V2XqqX1gA&prev_fmts=0x0%2C1200x280%2C816x280%2C549x280%2C816x280&nras=2&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=21
Frame ID: 41C7F72019FB806DE3CACD19D3428E14
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: B96F61D4884C6FAF695D415086D4C309
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6F0A4D168F854370B33302588E29918E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: FC4E4E5BC7DE82B2104DB918A06D4A83
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 73FE8AF63477C94C50B7023AF8D9EBE3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 9CE067F14DBAAFAA26F4B8F3856EE4C2
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 14C7A437CB4023C3003E574FF20B5372
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 38EDFF91FE4F66EBA26708B3030B9FFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: CCFB4A318DAA5E799CAF9DE1A49EA7CF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: F3C764398FB0F3A4AFF0BA4C260BBF8A
Requests: 1 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=74828600138097904444994012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: BF1EBE98FAADAE4D1B9AD4C10F8A25D6
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 55AEE41A4BE5426C0AE04D2587BE2CCD
Requests: 3 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3365337772
Frame ID: 99A4167A313B2E4AF886994E062BC6BB
Requests: 2 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36
Frame ID: A03A518D6CFDB78DBE399CB4DD201716
Requests: 2 HTTP requests in this frame

Frame: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066
Frame ID: 7E364FBB8631962EAF43407F59CD650B
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C2774B6830DCD31FEF1C5AA70719729
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 34D650B6F5BED8542BFACA159615705E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Comerica Web Banking Login 2023 [❤️Easy Account Access]

Page URL History Show full URLs

http://bankguide.net/comerica-bank-login/ HTTP 301
https://bankguide.net/comerica-bank-login/ HTTP 301
https://cettest.org/comerica-bank-login/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

149
Requests

93 %
HTTPS

52 %
IPv6

24
Domains

33
Subdomains

31
IPs

6
Countries

2107 kB
Transfer

5340 kB
Size

20
Cookies

31 Outgoing links

These are links going to different origins than the main page.

URL: https://hindi.cettest.org/
Title: Hindi

Search URL Search Domain Scan URL

URL: https://webbanking.comerica.com/
Title: Visit here to log in and access your online banking account

Search URL Search Domain Scan URL

URL: https://m.comerica.com/
Title: Visit this page to access mobile banking through a web browser

Search URL Search Domain Scan URL

URL: https://webbanking.comerica.com/Comerica/Enrollment/Enroll.aspx
Title: Visit this page to enroll for the online banking services

Search URL Search Domain Scan URL

URL: https://webbanking.comerica.com/Comerica/Login.aspx
Title: https://webbanking.comerica.com/Comerica/Login.aspx

Search URL Search Domain Scan URL

URL: https://www.comerica.com/
Title: official website

Search URL Search Domain Scan URL

URL: https://www.comerica.com/personal-finance/banking/online-services/mobile-banking.html
Title: Mobile banking page

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.comerica.mobilebanking&hl=en_US&gl=US
Title: Android app

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/comerica-mobile-banking/id403598968
Title: iOS app

Search URL Search Domain Scan URL

URL: https://comerica.netxinvestor.com/nxi/login
Title: https://comerica.netxinvestor.com/nxi/login

Search URL Search Domain Scan URL

URL: https://comerica.netxinvestor.com/
Title: Comerica Securities page

Search URL Search Domain Scan URL

URL: https://www.myaccountaccess.com/onlineCard/login.do?theme=elan1&loc=08613
Title: https://www.myaccountaccess.com/onlineCard/login.do?theme=elan1&loc=08613

Search URL Search Domain Scan URL

URL: https://cwc.comerica.com/ComericaWealthConnect/login.html
Title: https://cwc.comerica.com/ComericaWealthConnect/login.html

Search URL Search Domain Scan URL

URL: https://comerica.com/
Title: official website

Search URL Search Domain Scan URL

URL: https://cwc.comerica.com/ComericaWealthConnect/1849-login.html
Title: https://cwc.comerica.com/ComericaWealthConnect/1849-login.html

Search URL Search Domain Scan URL

URL: https://cbc.comerica.com/pkmslogin.form
Title: https://cbc.comerica.com/pkmslogin.form

Search URL Search Domain Scan URL

URL: https://comericaauth.innovestsystems.com/console-selfservice/SelfService.do
Title: https://comericaauth.innovestsystems.com/console-selfservice/SelfService.do

Search URL Search Domain Scan URL

URL: https://www.card-data.com/ComericaCardManagementSystem/Security/Login.aspx
Title: www.card-data.com/ComericaCardManagementSystem/Security/Login.aspx

Search URL Search Domain Scan URL

URL: https://cctdonorfund.donorfirstx.com/login
Title: cctdonorfund.donorfirstx.com/login

Search URL Search Domain Scan URL

URL: https://webbanking.comerica.com/Comerica/ForgottenPassword/ForgotYourPassword.aspx
Title: webbanking.comerica.com/Comerica/ForgottenPassword/ForgotYourPassword.aspx

Search URL Search Domain Scan URL

URL: https://www.comerica.com/business.html
Title: www.comerica.com/business.html

Search URL Search Domain Scan URL

URL: https://cbc.comerica.com/
Title: cbc.comerica.com

Search URL Search Domain Scan URL

URL: https://www.myaccountaccess.com/onlineCard/login.do
Title: www.myaccountaccess.com/onlineCard/login.do

Search URL Search Domain Scan URL

URL: https://www.comerica.com/site-tools/resources/terms-conditions.html
Title: www.comerica.com/site-tools/resources/terms-conditions.html

Search URL Search Domain Scan URL

URL: https://www.comerica.com/site-tools/resources/privacy-notice.html
Title: www.comerica.com/site-tools/resources/privacy-notice.html

Search URL Search Domain Scan URL

URL: https://webbanking.comerica.com/Comerica/login.aspx
Title: Web Banking login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&title=Comerica%20Web%20Banking%20Login%202023%20%5B%E2%9D%A4%EF%B8%8FEasy%20Account%20Access%5D
Title: Facebook

Search URL Search Domain Scan URL

URL: https://x.com/share?url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&text=Comerica%20Web%20Banking%20Login%202023%20%5B%E2%9D%A4%EF%B8%8FEasy%20Account%20Access%5D
Title: Twitter

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&text=Comerica%20Web%20Banking%20Login%202023%20%5B%E2%9D%A4%EF%B8%8FEasy%20Account%20Access%5D
Title: Telegram

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Comerica%20Web%20Banking%20Login%202023%20%5B%E2%9D%A4%EF%B8%8FEasy%20Account%20Access%5D%20%E2%80%94%20https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F
Title: Whatsapp

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bankguide.net/comerica-bank-login/ HTTP 301
https://bankguide.net/comerica-bank-login/ HTTP 301
https://cettest.org/comerica-bank-login/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://cdn.statically.io/img/cettest.org/wp-content/uploads/2020/09/logo.png?w=125&quality=100&f=auto HTTP 302
https://cettest.org/wp-content/uploads/2020/09/logo.png

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1&C=1

Request Chain 67

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW88rKDsuNoX00riyzwcgAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEI-YPZGEcFCcfd6bc5iQxsc&google_cver=1

Request Chain 69

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3ODk2NjE0ODM0NjY0Njg4

Request Chain 71

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 75

https://googleads.g.doubleclick.net/pagead/adview?ai=CkF5LqjxvZezHO-CYjuwPmOmSKN-GwM9088vZmqcSr_P1178xEAEgwujie2CVgoCAlAegAe-whdwoyAECqQK4mNzOwSuyPqgDAcgDyQSqBIQCT9AmVHrceJDNu1c1NRBL9h0gbiXEObCw53EgmXNuolGRwg0IIRjyiWD6RNxjntojw9tIZT2xNI-7LkZTJ_uSIGi-p5tuogRrxl1d5RflgbwNgMgEPgHfr-Sj6W6RA-0lnE7mN1xlYnPx4AS5q4qAdaOaW_pB6jxCVQKCOsEKukbwjN49gTSdUxdLXAu3GmfdQOlxvF7S0zEibViVckVde1Qo2xDYXy4DfYgf_JSNzD626iln6lIfhAlTNT-Iw_zUzDe3tNcpOBXqqjTK5cJZ7ZS68iGiF5VAbClzqomnuiBnN5W9hjdWrnDLd8Sx-ymo03B_U0-jWlyJ_8shyicp_NSLdirABMuPxt-7BIgF3aK3xEKSBQQIBBgBkgUECAUYBKAGAoAH7-jVuwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCVkgPSCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WLag37vJ-IIDmgklaHR0cHM6Ly9tZXZpeS5taXN1bWktZWMuY29tL2VuX2diLWdiL4AKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMN0BUBmBYBgBcBshccChoIABIUcHViLTc1MTQ1NTE3NjYxNTQzODQYAA&sigh=5_DJfgyLiyY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaN5Vayy8-S0kP2NpzmA9eArJS9P6KxNSW0xdTrwpSkvZNfotxtS_GYuoPVWxEsjlPvG96j02dgrxH5HEWBJXpSMgNxLTtbyuN6SrMYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221362433489313709837%22,%22debug_reporting%22:true,%22destination%22:%22https://misumi-ec.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930444399%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211072181518620505537%22}&andc=true

Request Chain 81

https://googleads.g.doubleclick.net/pagead/adview?ai=C9k3dqjxvZdDxOrWajuwPrtyTwA2fvKHTdJ35_6j5EdKq7b-HQBABIMLo4ntglYKAgJQHoAGm1tvcKcgBCakCuJjczsErsj6oAwHIA8sEqgSFAk_Q7yHGYnOfcKwMdQ0a7awXeR65v8bpA529SsqzAeDMBq5VmkJjr7kcqNCQDif2kqJMDBSUmbESY3PKylYRgO10HGklVlwW_EZm-wqV8M6Cd9Zu1qFW-YtP9Sog7zGDi9rO9ECNRS84gaTv2YnIp9UIviq7DxFJa9mhUoDeyn0h1lWQETgXMt7goI5Z-sn2splZR0sg6Ez-PLJqPDtj0e6iJXFIWCreqytLh6obAY63IZ-KAT9B8lUtaqUOkpASPCSVQYYHisBWYnVPKGqk4wZrGERtm4uWX8GVZQkTiz4EbeHU_K9dCGt12oUlBPIlhGVO2hPMzJzU1QJHlZjAaUtcVnLTv8AEmYbK97UEiAXZxcDATJIFBAgEGAGSBQQIBRgEoAYugAemjqy8BKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEN3CBdIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY0czeu8n4ggOaCdIBaHR0cHM6Ly93d3cuc29sYXJhbmxhZ2VuLW1hZ2F6aW4uZGUvc29sYXJhbmxhZ2UtcmVjaG5lcj91dG1fc291cmNlPUdvb2dsZSUyMERpc3BsYXlfc20mdXRtX2NhbXBhaWduPTIwNTM2MzY5ODgxJnV0bV90ZXJtPTE1MTkxNjgwNjkzNyZ1dG1fY29udGVudD02ODE2NjM4Mzg1NTMmdXRtX3BsYWNlbWVudD1jZXR0ZXN0Lm9yZyZ1dG1fZGV2aWNlPWMmZGV2aWNlbW9kZWw9gAoByAsBogwQKg4KDOS0sQLutbECtbixArgT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNzUxNDU1MTc2NjE1NDM4NBgA&sigh=1s8Ve1h5T4o&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNHuQa2jQmRiis-VwiGinE_rakanHxAMxhEjLPdgf_9r3doPLT2D8GQ1igAmdITPA2Jdj_g4y250zBk0T9gS4uGb77KOaG5Qrk_bsYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213660870446669704984%22,%22debug_reporting%22:true,%22destination%22:%22https://solaranlagen-magazin.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200293670%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224102231054251198849%22}&andc=true

Request Chain 106

https://googleads.g.doubleclick.net/pagead/adview?ai=C4CmpqzxvZdugBaO_vcAP4p-AoA6RjImHdK7BtvKnEu6_i6nePBABIMLo4ntglYKAgJQHoAH75N-YA8gBAqkCuJjczsErsj6oAwHIA8mEgIAEqgSHAk_QVAIPoyKjTi5cgJGcaFxmfpyqK3dvfjWA6DUkVbiHndieck2VpACyCFaHEr2U1S5C2KpnMagcP1Ma8IAVpxmM7NBxgxIVNbs6nnpKv1xequaZ0yu_1T814JoNay3qylNTH-rMWZK9E2OllLh1Wgle677lDnNUs5Isox2D5cP3m3EeqUuVb8qCPEISEsV6y44jcobis_iKbVP-duG-FR7iGIebJ5cyOPsrlTqJvfN70emalAmkLd42y0-asNzJ_c8EM1cS5hEYNVr33wcMqDd0_dB9bF4mQdMioXZYmcOikg6zL0b5JPN0KcnzMldeXs1CMuegBQ9FeeLcoJO_Xpaf92-rhVWZwAS14sHIrQSIBfaI669LkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-2aoGeoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBD4li_SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WN-Z3rvJ-IIDmgnsAWh0dHBzOi8vd3d3LmVucGFsLmRlL2FydGlrZWwyL21laHItYWxzLWRhcy1zb2xsdGVuLXNvbGFyYW5sYWdlbi1pbi0yMDIzLW5pY2h0LWtvc3Rlbj91dG1fc291cmNlPUdvb2dsZSUyMERpc3BsYXkmdXRtX2NhbXBhaWduPTIwMjMyOTc5NTc0JnV0bV90ZXJtPTE0OTY3MDYyMTQ5MyZ1dG1fY29udGVudD02ODM0NDc3MzAzODEmdXRtX3BsYWNlbWVudD1jZXR0ZXN0Lm9yZyZ1dG1fZGV2aWNlPWMmZGV2aWNlbW9kZWw9gAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NTE0NTUxNzY2MTU0Mzg0GAA&sigh=p-FiZ9s5ZHU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNVnxV2snz5bAlfSDiEiYpZk6Bnd3Av4bMyZMeeAnhqGrEuK_L8L4DyLDeA2GrGCC52rZFyqPwAfbuF2EzLTaETLMbiGHL3qVMFRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210527982365460858973%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210468161930946269137%22}&andc=true

Request Chain 107

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 114

https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 120

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=74828600138097904444994012529009&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3365337772

Request Chain 126

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36

149 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cettest.org/comerica-bank-login/
Redirect Chain

http://bankguide.net/comerica-bank-login/
https://bankguide.net/comerica-bank-login/
https://cettest.org/comerica-bank-login/

190 KB
54 KB

544ms
411ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 330f05a0465e6632bec75cbd4202a8d05a78796fe1ea28b2c5424ea57081e3bc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12221
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cache-provider: CLOUDWAYS-CACHE-DE
cf-cache-status: DYNAMIC
cf-ray: 830d32c49ef22bd3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 15:07:22 GMT
expires: Tue, 05 Dec 2023 11:43:40 GMT
last-modified: Fri, 01 Dec 2023 13:19:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2Mu1ui1bFt6xMXvlnU0OPimwd%2BTB3x%2FPwgLNYp5KHSA%2BeUR%2FY4f%2BN6JS09Tcz5g%2FQrMxRUcvE9gevJIdJSCJlpNpJjom5UYTX15dMnzpfjyQ6mN9MM76%2F1VsM%2FHGwHLZPAwJgoDo66ang%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT

Redirect headers

age: 12221
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 830d32c1192d65a9-FRA
content-type: text/html; charset=iso-8859-1
date: Tue, 05 Dec 2023 15:07:21 GMT
expires: Tue, 05 Dec 2023 11:43:39 GMT
location: https://cettest.org/comerica-bank-login/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZL%2BV2LhscTzEhgg7V0cwtGMIoVzCyskOkje0n%2F%2FVEDS3LMjglpois2G72tKA8%2B%2F6qpYJEpbVzWy2S7TrgCXCmsXh%2BlWDbeIjcz8axXopwgFAfACNaqGcRzzyP1QZ%2FLFRsc12B7LsNn%2F8HY95"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-cache: HIT

GET
H2 200 style.min.css
cettest.org/wp-includes/css/dist/block-library/ 107 KB
15 KB 58ms
53ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Nov 2023 06:34:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86331
etag: W/"6559ac88-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cn23aFLMtCQIp05UjJZxE1RiMiKGD%2Fp7m9m4xwWaFIo6DLXp8d1my2wVLk8wJJfRbPiS6zWLcfnoPuf8wIjAHs4zV5NTuvRK3YxGThECU4UzV9GinJ8UHHmCpTDLpLNUeDCS8r5%2Bq72GmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 830d32c73a3f2bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 text-only.min.css
cettest.org/wp-content/plugins/contextual-related-posts/css/ 38 B
397 B 53ms
50ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/plugins/contextual-related-posts/css/text-only.min.css?ver=3.4.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61af24b5c9f2ee879adfadbe3789e9f1866717e1389949d9dec17b26bc18dd71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Nov 2023 06:35:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86332
etag: W/"6559acbc-26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiAQRBK%2Bz84u8okC8YGNLqmLE64BlT1du3cwavV%2FQOy17V5VF4At%2FOjUCoWPP4WwXCEQbokvqvRoQRk9woBKJiqnz3jkZUelsZ4wHUGViwY5YmOo8B5nnmMMG7tc303%2FII9brQbo0GLiJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 830d32c73a402bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 notix-public.css
cettest.org/wp-content/plugins/notix-web-push-notifications/public/css/ 1 KB
699 B 58ms
54ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/plugins/notix-web-push-notifications/public/css/notix-public.css?ver=1.2.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6738331b4ac9f5a9c6c2cad8fa28ea9a6834d28bdc5ebcb545ec7a4acd6795e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86332
cf-polished: origSize=1403
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Oct 2023 05:39:55 GMT
server: cloudflare
etag: W/"6540932b-57b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nmIhHaITF1P9mNctjA3qzhYPN5AFTeEOqhKsBCQvuZD3lWnqmn%2BtE%2B9qj3iOaFUrShBsrv7LqWrcpZmhmcxyTHjb8mchKiZHDN7ikBad4%2F3MVBRG4%2FCiqi0yD%2FZTB%2BvZuH2NzY2vq%2B97TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 830d32c73a412bd3-FRA

GET
H2 200 style.min.css
cettest.org/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/ 1 KB
674 B 55ms
52ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/css/style.min.css?ver=1.1.0
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5d086ab8dd7703a41e01c913e225fafdc942be3bbd121dbd3c615f33091875f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Jun 2022 07:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86331
etag: W/"629b0d75-425"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E03paXCgbu%2B9vo6ZaxZrO20Bz6OSaotmEB2csLF7%2BIcM3ZemHEykCB9LUejLpbCmSnFiSRlz0qbnjG29Y9NarzyX2quA2r1z49czpnMEJu%2Bw3q%2B8y86aKpJB9u5I%2BSdz2mk0EklF7VoNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 830d32c73a452bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 comments.min.css
cettest.org/wp-content/themes/generatepress/assets/css/components/ 1 KB
876 B 54ms
51ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/themes/generatepress/assets/css/components/comments.min.css?ver=3.3.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7308904efc8da3847aab82f9ab35918e8faccef6a04a6c657251759f30a8fb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 16:19:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86331
etag: W/"64f7552e-5d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Seib%2Bxy5eeZK5VL5428UPmmp3Mz0wFoEdVeSrYWCSvAemWoyHZHGFJRjQlZe6W0gtz%2BIyNhzlyuwadf8VapJhCBnas9pxVOEE%2FqW27YXFR22GT2JKfd2Zt0rvizA6OEBI%2BQSP%2Blky9hJTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 830d32c73a472bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 widget-areas.min.css
cettest.org/wp-content/themes/generatepress/assets/css/components/ 3 KB
1 KB 60ms
57ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.3.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 16:19:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86330
etag: W/"64f7552e-d1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMAcMlBNLqktTB2gBmRvnPUOvq0De9nkRAEf7%2FuTFVKNpc2jLY0aWitL%2FfO3XnJqdieNdHND9iJb53i1iCwixfJAwSAiEwIJtlSWQoQ8CKGxV8Iucv78u75LS%2F7RKkX9vsxtzK2g4BwoKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 830d32c73a482bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 main.min.css
cettest.org/wp-content/themes/generatepress/assets/css/ 19 KB
5 KB 57ms
56ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.3.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 16:19:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86331
etag: W/"64f7552e-4c6e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArGpKIT6yd4L5SIXR4WwPVla6BRKgVj6OIKkA%2B6hycQURTRc1Rptbaq0QNUMOyQ5pQ1O9L%2BiJX57XG8vY9leaUwLXnd9AWxlOi8AB0zrCgGxiqvh2yCZM76Qef51WQfyZDvhKALheOe4tA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 830d32c73a492bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
cettest.org/wp-includes/js/jquery/ 86 KB
31 KB 63ms
61ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 19 Nov 2023 06:34:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86331
etag: W/"6559ac88-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8DIl8T78Id4y8XP3je6vLT%2Bqqb85%2FJlAWM4Gcp0iebX%2FD2vxH6DMr95KOFixDF%2FtxLMwstnMCwln4B32QW4ngdkdBuCpAaQu6ku4Th8z24%2Bu7ZxsGT4A1Vcl8zw6NRE15Jb3ZosjV72xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c73a4c2bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-migrate.min.js Show response
cettest.org/wp-includes/js/jquery/ 13 KB
5 KB 75ms
74ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 16:19:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86331
etag: W/"64f75508-3509"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnBVkK3VYl%2Fj2u%2FXB%2BPBXKcbBK4qtkWmHltmC4omkvE%2ByllDrfAJqJmqF016rIDJNzFIUJGsHtJsmmmsVi9O3ZUVqNFg3JI3nsmIvdIfVEmLZOEIHfJfEkOHziebMZ%2FauwNmkXUaLLXiWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c73a4e2bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 notix-public.js Show response
cettest.org/wp-content/plugins/notix-web-push-notifications/public/js/ 37 B
476 B 62ms
60ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/plugins/notix-web-push-notifications/public/js/notix-public.js?ver=1.2.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1e8df27eefed0250a8e2785a341a5d35d838d8136f4ffde3168c57e9137aa2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 451351
cf-polished: origSize=838
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 31 Oct 2023 05:39:55 GMT
server: cloudflare
etag: W/"6540932b-346"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48R76iICsiJtAyuKhnGNgjcLtbYIqT4OP2hb6IoI2gg%2BzB0cSaJyGJEjm1Wksamc%2FzRIuwm61Vh4F4VXTPIGa0mU6hV0fe%2FAG%2FDABwmmapg4dPwO3%2FMUuv3h%2BWdL4SZsqWevv2unP%2Bnp6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c73a4f2bd3-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
90 KB 150ms
59ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L99XHQ6BNW

Requested by

Host: cettest.org
URL: https://cettest.org/comerica-bank-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ca1bb1de7d7b50df141e9117e0c1f867d5dcbbb16ca7cea94516a8240802f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91436
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:07:22 GMT

GET
H3

200

logo.png
cettest.org/wp-content/uploads/2020/09/
Redirect Chain

https://cdn.statically.io/img/cettest.org/wp-content/uploads/2020/09/logo.png?w=125&quality=100&f=auto
https://cettest.org/wp-content/uploads/2020/09/logo.png

3 KB
4 KB

60ms
60ms

Image
image/png

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cettest.org/wp-content/uploads/2020/09/logo.png
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H3
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 286ae8f6f3b40c865c819e95b49093e542333386e1c9a5d3563e14939f6fba15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
cf-cache-status: HIT
last-modified: Fri, 22 Jan 2021 16:58:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 253604
etag: "600b0443-dad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBT0NwrlnQC2NqhwqVMM8Ze4rNz1W8RuoijMSUdgJmhLroKD%2BtOka8zIdf1PMywpCpThWTGoF6YLC7cHlKh9J2UCCBsdCaEzkHgYWAImXL%2FN7fiHyoQEzqXOVz2AT7AKXSXe1y%2BAgHCsig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 830d32c88a1b04a8-CDG
alt-svc: h3=":443"; ma=86400
content-length: 3501

Redirect headers

date: Tue, 05 Dec 2023 15:07:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: statically
x-cache: HIT
access-control-allow-origin: *
location: https://cettest.org/wp-content/uploads/2020/09/logo.png
access-control-expose-headers: *
cache-control: public, max-age=10
timing-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-sof1510021-SOF

GET
H2 200 email-decode.min.js Show response
cettest.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 56ms
55ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cettest.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: cettest.org
URL: https://cettest.org/comerica-bank-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Nov 2023 16:06:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65660ffd-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fME4HpBeeOkJQEZIA4we%2BOWO8WFP06Zt0miNC9DfueVNrhMq36AmXCrnSJMqVRuT%2Fzq0XzKfuJFy3sjR14mh907d8Cc8Ng9KaFHoB3WWPeslnbOvU7WeCUPPpz1%2FZCtwz6k%2BiHuzd1YbAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 830d32c77a932bd3-FRA
expires: Thu, 07 Dec 2023 15:07:22 GMT

GET
H2 200 RMFA-JS.min.js Show response
cettest.org/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/ 1 KB
691 B 55ms
51ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/plugins/turn-rank-math-faq-block-to-accordion/assets/js/RMFA-JS.min.js?ver=1.1.0
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a82d38c851758d27264c3808c81e7e52e4b04e03f5adb29e0e5df5021fa4b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Jun 2022 07:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41513
etag: W/"629b0d75-50f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mDGI29kGzsCkYmVIcRIV2IdPvywZNQVUz65h58o4921WsmJhaKQ8HYcad0ByU1Xth9yTdgWtwebMaPI3X25Tc93YuL%2BiTCp3152Pv5g3EJ5%2Bk5ZGzvmZ4wn84vb53XhZL1J6YxyqKlX0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c7caff2bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 menu.min.js Show response
cettest.org/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 57ms
54ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 05 Sep 2023 16:19:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41513
etag: W/"64f7552e-1b3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDnwPd%2F8rELLtww7QpxSHdMRpblEcOXFgwuikwmmk8Z4DaEOnzrhsqHAXQi%2B50n6iPowA%2F9ET7iizLD5YBMLohYmlOTU9av1hDOwUBKMPphrdDIJndlz0jNq9%2FyWsGa0cAlE%2BngC58aQSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c7cb032bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 comment-reply.min.js Show response
cettest.org/wp-includes/js/ 3 KB
2 KB 56ms
53ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-includes/js/comment-reply.min.js?ver=6.4.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 08:48:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 41513
etag: W/"630888d0-ba5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6twy7rTJx6qBPQahVs74Sa8nhxhVX%2B0pybLxv48nOO6czxW%2FILVq4RI7p2sqpH9GDw7SPAmAJzjZgx%2FTtUChwPm2LPNIcQUtwFMotdmT8UW1pw5V7%2FaV8Wn%2F%2Biozym7HiguMNFvxgv5qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c7cb052bd3-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 akismet-frontend.js Show response
cettest.org/wp-content/plugins/akismet/_inc/ 6 KB
2 KB 66ms
63ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1694715269
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41512
cf-polished: origSize=10733
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 14 Sep 2023 18:14:29 GMT
server: cloudflare
etag: W/"65034d85-29ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40Bb%2BowHyas0VGJe0Qv4cQdk7%2FPh3U4%2FrKYOzRe2pmzICfUsuhKnkk6cPU1hZ4HtiVr6PizJ2uNm08%2FZktdqrt7ialkNBMvttMTsUaHOzZqolcwYJlYVTofxRIGdKVfrm%2B7xqyWLfCUGpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c7cb072bd3-FRA

GET
BLOB 200
OK 2ae3b2f2-4cef-492f-a59f-8ef972e6071e
https://cettest.org/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cettest.org/2ae3b2f2-4cef-492f-a59f-8ef972e6071e
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 enot.min.js Show response
notix.io/ent/current/ 141 KB
43 KB 172ms
53ms Script
application/javascript 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/ent/current/enot.min.js
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e1d529afcbb911c99bb039ba39c7fb6716275b97650ae816a90fc03f256542bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: gzip
last-modified: Wed, 29 Nov 2023 20:55:06 GMT
server: nginx
etag: W/"6567a52a-235f7"
content-type: application/javascript
cache-control: no-cache
access-control-allow-credentials: true

GET
H3 200 wp-emoji-release.min.js Show response
cettest.org/wp-includes/js/ 18 KB
5 KB 59ms
59ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cettest.org/wp-includes/js/wp-emoji-release.min.js?ver=6.4.1
Requested by: Host: cettest.org
URL: https://cettest.org/comerica-bank-login/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/comerica-bank-login/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Apr 2023 15:46:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6606
etag: W/"6442aff1-4904"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4xO8Mkquv9yrOKcfJ%2Fh0hzgOudWqy8Q1lEZ6Zue9ReqIYc3ReAEYpsx0YFtiqzTRvkb%2FhAzEcqnP0kTn7iRQU5qog4m8CybUHiCpZTidR3pFa9KCtQCudTDA3eG%2B4nCu%2FDk7ChNCSgN4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000
cf-ray: 830d32c859b804a8-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 181ms
94ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7514551766154384

Requested by

Host: cettest.org
URL: https://cettest.org/comerica-bank-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57c11d8cca51e027c6015a5e4adc90133407f15e240727846ff0fa34b68e33f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Origin: https://cettest.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52222
x-xss-protection: 0
server: cafe
etag: 7847480456018399259
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:22 GMT

GET
H2 200 2764.svg
s.w.org/images/core/emoji/14.0.0/svg/ 368 B
679 B 130ms
38ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/2764.svg

Requested by

Host: cettest.org
URL: https://cettest.org/comerica-bank-login/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 05 Dec 2023 15:07:22 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 368
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205472659-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L99XHQ6BNW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35c857ea06fd8c7641bd212a1a0e363859ed869614806ffadc75808a380db4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64998
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:07:22 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 133ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L99XHQ6BNW&gtm=45je3bt0v884485442&_p=1701788842188&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2029513641.1701788842&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701788842&sct=1&seg=0&dl=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&dt=Comerica%20Web%20Banking%20Login%202023%20%5B%E2%9D%A4%EF%B8%8FEasy%20Account%20Access%5D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1730
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L99XHQ6BNW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cettest.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
notix.io/ 318 B
568 B 47ms
47ms Fetch
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/settings?appId=1005eb5ff64d4758d703c95674bd262&ver=0.15.19

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

a8ca49249ca90a131bba14405671cb243da2849145a3d8074b0b5c232c2b57d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cettest.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 318

POST
H2 200 event
notix.io/ 15 B
264 B 46ms
45ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cettest.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cettest.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 134ms
45ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cettest.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cettest.org
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 05 Dec 2023 15:07:22 GMT
server: nginx

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 398 KB
134 KB 185ms
106ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7514551766154384&plah=cettest.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7514551766154384

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce3955925daf4b2d81fbcdd1836817253885eb91a176e672a44932f64ade2741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137564
x-xss-protection: 0
server: cafe
etag: 11400616233640114713
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:22 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 3C8C 9 KB
4 KB 126ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7514551766154384

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 47002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 02:04:00 GMT
etag: 12051592065903069241
expires: Tue, 19 Dec 2023 02:04:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205472659-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Dec 2023 14:31:36 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Dec 2023 16:31:36 GMT

POST
H2 200 event
notix.io/ 15 B
264 B 53ms
52ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cettest.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cettest.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 44ms
44ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cettest.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cettest.org
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 05 Dec 2023 15:07:22 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
264 B 47ms
46ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cettest.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cettest.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 45ms
44ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cettest.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cettest.org
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 05 Dec 2023 15:07:22 GMT
server: nginx

POST
H2 200 event
notix.io/ 15 B
264 B 46ms
45ms Ping
application/json 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://notix.io/event

Requested by

Host: notix.io
URL: https://notix.io/ent/current/enot.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://cettest.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 15:07:22 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cettest.org
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 15

OPTIONS
H2 200 event
notix.io/ Frame 0
0 45ms
44ms Preflight
text/plain 139.45.240.92
RUBY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://notix.io/event
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.240.92 , Russian Federation, ASN57304 (RUBY-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://cettest.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token,X-Oaid
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://cettest.org
access-control-max-age: 86400
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 05 Dec 2023 15:07:22 GMT
server: nginx

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
202 B 49ms
48ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1531119087&t=pageview&_s=1&dl=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ul=en-us&de=UTF-8&dt=Comerica%20Web%20Banking%20Login%202023%20%5B%E2%9D%A4%EF%B8%8FEasy%20Account%20Access%5D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=465852467&gjid=951951344&cid=2029513641.1701788842&tid=UA-205472659-1&_gid=1573115588.1701788843&_r=1&gtm=457e3bt0z8884485442&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1021384162

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cettest.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cettest.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CC99 322 KB
79 KB 1173ms
1172ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&adk=1812271804&adf=3025194257&lmt=1701436764&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842532&bpp=7&bdt=442&idt=370&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5316508558607&frm=20&pv=2&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=390

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7514551766154384&plah=cettest.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9845e218b4040e5f30aecab78cdc0289e0b56f89a9642c0f3f527f61fb83cc7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 80881
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:24 GMT
expires: Tue, 05 Dec 2023 15:07:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCCA 123 KB
41 KB 645ms
644ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=3504406088&adf=995376434&pi=t.ma~as.2254100345&w=1200&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=1200x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842539&bpp=2&bdt=449&idt=387&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=391

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb89bea8a270c5940b9e1a4c6cdba30d609f8010f72c43ced4531582c95cd952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:23 GMT
expires: Tue, 05 Dec 2023 15:07:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 032E 103 KB
38 KB 849ms
849ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba5bd891cb35fd1e79b5520650ab0805ef73bb9a3c8f0b56244bd5b27ae4476a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38959
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:23 GMT
expires: Tue, 05 Dec 2023 15:07:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9766 29 KB
12 KB 941ms
941ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eaec56527975af57c1e4abf97d2d35cce00666e2ae547048c6bf271bb9ebc75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11848
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:23 GMT
expires: Tue, 05 Dec 2023 15:07:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6898 717 B
529 B 638ms
637ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=2898655329&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842543&bpp=1&bdt=454&idt=444&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280%2C549x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=2974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=448

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81cbe79005ad7179f8bdce2a04db0232dc44731b2e2b09efdc78bf3cec2a10d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 357
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:23 GMT
expires: Tue, 05 Dec 2023 15:07:23 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame FCCA 4 KB
1 KB 136ms
47ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=3504406088&adf=995376434&pi=t.ma~as.2254100345&w=1200&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=1200x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842539&bpp=2&bdt=449&idt=387&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=164&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 15:07:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:51:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 15:07:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame FCCA 2 KB
903 B 532ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:34:09 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1144290754256996351/ Frame FCCA 152 KB
152 KB 563ms
88ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1144290754256996351/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add0c25eb062a0021a5bb58e9f60e1145cf85b3783128cf6899a79336b6bcdc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:05:33 GMT
x-content-type-options: nosniff
age: 54111
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 155725
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 14:07:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 00:05:33 GMT

GET
H2 200 3570889295123759882
tpc.googlesyndication.com/simgad/ Frame FCCA 8 KB
8 KB 588ms
113ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3570889295123759882?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

addece7e66c89300368ec28cd45deb53eea9a3370121cbf3b7609c3373bb66d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:28:37 GMT
x-content-type-options: nosniff
age: 272327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8117
x-xss-protection: 0
last-modified: Fri, 11 Aug 2023 15:01:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 11:28:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame FCCA 24 KB
9 KB 510ms
48ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame FCCA 3 KB
1 KB 514ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame FCCA 20 KB
9 KB 508ms
46ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCCA 202 KB
64 KB 512ms
50ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H2 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame FCCA 37 KB
16 KB 510ms
49ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
H2 200 4913276057234064634
tpc.googlesyndication.com/daca_images/simgad/ Frame 032E 142 KB
142 KB 170ms
169ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4913276057234064634

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff830edc4d163e56eb21869c7c57f79c5814df443f8dfc8a1e921975c8beead6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 07:01:05 GMT
x-content-type-options: nosniff
age: 115579
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145318
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 05:28:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 07:01:05 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 032E 24 KB
9 KB 202ms
201ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 032E 3 KB
1 KB 180ms
179ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 032E 20 KB
8 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 032E 202 KB
64 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 032E 36 KB
15 KB 180ms
180ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14794
x-xss-protection: 0
server: cafe
etag: 15882346334465922746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:45:36 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0933 143 B
166 B 41ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 14:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 967B 624 B
246 B 88ms
87ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW8qKpTBmWqUIyLsQ9jg7dcMlXclr4-TuSuxbCVW2XdfCypwQuy3oJGl50YRBI-tRvf55G78WQfAwkiKL-tWPvN9nm3XAaIIGlzslkP8NEUZ9IHrTW0i7bEHUFdxx2kD-Lyw_IOfN8dOeVfCVIM5dayMUmlVPD2aoSvkji60u414j1HLe0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:24 GMT
expires: Tue, 05 Dec 2023 15:07:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B5CF 89 KB
31 KB 128ms
127ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B5CF 3 KB
1 KB 169ms
167ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame B5CF 20 KB
8 KB 153ms
152ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B5CF 202 KB
64 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5CF 42 B
63 B 82ms
81ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AVzhq2ILNenO6psmsmgSbd9cqGcdBatfoXBASDjdqK6n1sd9ZOHJMW5rcHokbRoxY2vXmPLFS21BEEdSDLNj-GMwd3ycxYrTHWI32ttQWuxYtRB1A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ 160 KB
55 KB 105ms
104ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16f0033ba7c6c6edbd5dcc9385edc162f3cab91504496918326925c67c092577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55944
x-xss-protection: 0
server: cafe
etag: 10679427188213330262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 41C7 430 B
228 B 843ms
843ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&adk=430837545&adf=2755680023&pi=t.aa~a.3039439558~i.31~rp.4&w=816&fwrn=4&fwrnh=100&lmt=1701436764&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1635201990&ad_type=text_image&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&pra=3&rh=200&rw=816&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788844214&bpp=1&bdt=2124&idt=1&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D32a4c756c012f505%3AT%3D1701788843%3ART%3D1701788843%3AS%3DALNI_MZFl5nP-tDkgeL3VM-MdQubyMqmcQ&gpic=UID%3D00000d0b24463e92%3AT%3D1701788843%3ART%3D1701788843%3AS%3DALNI_MYiydFmTAFivVFjN1M95V2XqqX1gA&prev_fmts=0x0%2C1200x280%2C816x280%2C549x280%2C816x280&nras=2&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=3&fsb=1&dtd=21

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0717c62eadf5412a2c5c634b11e147b7bc3bccad7c4390a04eee5bed115ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:25 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 967B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1&C=1

43 B
344 B

83ms
82ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW8qKpTBmWqUIyLsQ9jg7dcMlXclr4-TuSuxbCVW2XdfCypwQuy3oJGl50YRBI-tRvf55G78WQfAwkiKL-tWPvN9nm3XAaIIGlzslkP8NEUZ9IHrTW0i7bEHUFdxx2kD-Lyw_IOfN8dOeVfCVIM5dayMUmlVPD2aoSvkji60u414j1HLe0
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FTG2eBTRMK%2B1wSly%2FxuPBZTMHWl0Z%2BF0oeU5qXGBKQDh%2FhrU%2BPKBp4O528M48pInP2mvzYATadCCXa%2BoEVj09Hr41FHln8kNzrIk8omCaYiTUKSJrN324aCvKu4pLO6lvS80XwX3%2FtVmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830d32d6ac0f44f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJURqlejrc29qNOrHRQjDTQblpcuAUvHqmEt3NB7lPfFZMkk99qjEaC%2BA%2BIiZaJ83gSs9FSY0LKGvxNHJ2%2FnowriU0rYlTvK3M9CDcZCOvOOOIogkRzDBifDMDeNA%2F9Efc%2BRuNn%2Bt2Grmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1&C=1
cache-control: no-cache
cf-ray: 830d32d62b0244f2-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 967B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW88rKDsuNoX00riyzwcgAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1

43 B
769 B

80ms
80ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW8qKpTBmWqUIyLsQ9jg7dcMlXclr4-TuSuxbCVW2XdfCypwQuy3oJGl50YRBI-tRvf55G78WQfAwkiKL-tWPvN9nm3XAaIIGlzslkP8NEUZ9IHrTW0i7bEHUFdxx2kD-Lyw_IOfN8dOeVfCVIM5dayMUmlVPD2aoSvkji60u414j1HLe0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWJe6S8KqOByKDjFuFvnEqjUoz%2FOTwkrQlOG3lr6V62sXvR693bbvWYpHTUY7g46euB0cA%2F3DVOat9EEaGmv3jSVyfkgWqr2hokKZXM9rGxZWa8q4cIPsXGA%2FOpKfVnTidOCd2FmuqS4ig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 830d32d7696644fe-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDdXx29jcIoboNvHd6iV_8c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 967B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEI-YPZGEcFCcfd6bc5iQxsc&google_cver=1

43 B
838 B

40ms
39ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEI-YPZGEcFCcfd6bc5iQxsc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNW8qKpTBmWqUIyLsQ9jg7dcMlXclr4-TuSuxbCVW2XdfCypwQuy3oJGl50YRBI-tRvf55G78WQfAwkiKL-tWPvN9nm3XAaIIGlzslkP8NEUZ9IHrTW0i7bEHUFdxx2kD-Lyw_IOfN8dOeVfCVIM5dayMUmlVPD2aoSvkji60u414j1HLe0

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
an-x-request-uuid: 6fc7bada-9402-4a12-8f43-ccf5b5c50ee6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.101; 80.255.7.101; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEI-YPZGEcFCcfd6bc5iQxsc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 967B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3ODk2NjE0ODM0NjY0Njg4

170 B
243 B

54ms
53ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3ODk2NjE0ODM0NjY0Njg4

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
an-x-request-uuid: 6c318c07-0b3c-4a7c-951a-529cb3f8a1f4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTg3ODk2NjE0ODM0NjY0Njg4
x-proxy-origin: 80.255.7.101; 80.255.7.101; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FCCA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03518a17675981ba84025c17cc038638110c38bc1bca86561529d117fc07172e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0933
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

50ms
48ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:24 GMT
expires: Tue, 05 Dec 2023 15:07:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FCCA 16 KB
16 KB 144ms
50ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:05:47 GMT
x-content-type-options: nosniff
age: 82897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 16:05:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FCCA 15 KB
16 KB 132ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 23:12:30 GMT
x-content-type-options: nosniff
age: 57294
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 23:12:30 GMT

GET
DATA 200
OK truncated
/ Frame 032E 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e563ed223752468401426e5468529384a27d0f8b43c45151f817b8191164e1c8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 032E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CkF5LqjxvZezHO-CYjuwPmOmSKN-GwM9088vZmqcSr_P1178xEAEgwujie2CVgoCAlAegAe-whdwoyAECqQK4mNzOwSuyPqgDAcgDyQSqBIQCT9AmVHrceJDNu1c1NRBL9h0gbiXEObCw53E...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221362433489313709837%22,%22debug_reporting%22:true,%22destination%22:%22https://misumi-ec.com%22,%22event_report_window%22:...

0
0

269ms
78ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%221362433489313709837%22,%22debug_reporting%22:true,%22destination%22:%22https://misumi-ec.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210930444399%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211072181518620505537%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"1362433489313709837","debug_reporting":true,"destination":"https://misumi-ec.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930444399"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"11072181518620505537"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 15:07:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"1362433489313709837","debug_reporting":true,"destination":"https://misumi-ec.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10930444399"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"11072181518620505537"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5CF 0
20 B 85ms
85ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9912299461400&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5CF 0
20 B 81ms
81ms Ping
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9912299461400&version=m202309260101&ct=77&x=1&cor=7850404630048310000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B5CF 20 KB
14 KB 323ms
322ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyv07QLNTDa-OpZITXR1Wk6noBREvqUCBwVkaysGDo9lDInqyYsV_sTyXw7zxcVp0mNRc4_XwXLI_dyChPUVeFpXPg1EvPfngiXehFCSHcyuQ-G0PJJPZYF9VeVBYBwLwAe2-ePCpZe5lJDqNV5eIJiZoyF9rzd-s6TfgBx7ATgwX-mCE&cry=1&dbm_d=AKAmf-DNnJPXuTI-B7LM2h_ybyU2iQ4_1E9l3oh2dI1EvPaYnbpjC9wbxDQ8t60sX8lo_MqcM9AkAofRDlNLnC3fSBBkLKMvViMfDG7GXe0sK5fITuPf5lxOJkFW6ftqJggWKPbTZgYsx8Y-Npu9M0wIhpTbie8VIhQhdBpzLFDBdRewIF-NA65iMHQorM6U6y6_YV7OX-6AfLjSp3DBkV5XsZ6cHIbedUdm7tGAIaM_aNG5tnQH0oSFb4vdd4lJIccCIObI3u7ghqeRC9iLf_J2uB8em3cKi2gJTS6J3CWvpR6HjDJN49CR5kuzvvmo6NMKS5gzeqMd6rs3-BO0nTf_yI8S2RLo3pD42KH2ZdOnoszV3GQlj5gyoTY7Nkd4ROE1Pj22eDLoUQZ5Qzoc9DCDsQT_cOWVRg90rd8pvxSmQaWObQS5ae-MSGC-D9wIXk6fi-ChArxeMJ-3luEb4anPRkWNIWF__IeDLmkpfIqFOnh10aKDVMfvmVpoGiBblJnkTRv9_tPgcNK8G_0_tENREj_ZB9VaROH6Ev5P-zJYg-xBXIFYQBDoI14AyPixtVQ0RRilQZ3KHSZmRWPNYo04EGh_y1nzASuXkSOwBmEEtylNmojz9QSlh4uSOmNO8bbJEGLOT0ielcLC2g3b09GnilThx4GClL0CeCcZN-wkSISBRE0gx5QppYyWmff97TLZ-kpLTIVOf_t3xcBdBJpJYfvXFH_jwHqpTT2vPRJfyU_gVB17Ws8Ii-LR_snIjrHXU2pC2HgclyLs87NdLSRpzoS4WGv537deza5nDWv9ExMnpZhQVRx1bX5ICy_fzVCKTViZ7p5Hn4JHb44isj04GXFy9UHydRXJd7LCOTbkMjO2qfrUXX3CwwdfAAQhIeM80hdSkm0kMT7Po5Vc-ZrPYngjKPxGln763VAZ7nyYr1uuYCd9vVokxi9GkLdsB2KE85S-1Cy8rrhinckuG-Qhue5VAuTuoLZVwsP9csattJardf2bvJ9od1r7dGbMw7HwnopFUlujJ_pF2TKkYScJiC_JB7JQeQuTinkj3O1zKkJvrKKeYSZ5JWY502SL6hNRbbMCZSXiLDBkEyyzdAbdKg_OpEcPvgBXu3MP8-Ygzg0Kxz3ci_0W9ji1abl7_4Khb_3PCzW9by9YRFPlre05nQaskAm2KQyv2OrRMaymaGmnUMA-ucH1Gw4xZbxr7D75N6WZrkkXJZSjj8Ye4Qa9_R5JwAk3QE84VIqN7deae6Ljx7rGH4qJcC_BwNlz1bKJLK0EZvXghVgmJ3DUKRvxJqsu3WAjdGrN6w4Bu1qUFki5rxu3LoPgYvA-JobJiUaOejvEgvHMh_xmO4jQd1RoOAxbuK4AzcUlOSKDkRUDyCVo5hNcQlVyDtd4esk3i13WQLa4pfp6r-fDKPVzGnJ_AfxqYd_NzJHIqVzs_kn315JHjJJupKqIO6zpndt_nhe40D2TR2HIn5l4LJILATDc02f65IE-fDncLeJbl-Np_2U5uYO01_mR2_bbfuznJJpI12YluiuZSbJ-bK0AUzqx88Blheenf3eAbJfylaBFblA-UFS-IbHfc8X90MxjaHrkBfocPEwNAjfGJGySDyWAY_OUqVTtZsgmY3uOq77Ym36Mf86A3CefFQMpegnaBRn_Oj2HyZXYu3s_Ga-x6kWyKlpYHV_MCAII7wed-_IZmgVqS0ta_WHRqBkjNzkTm8yDL6C5CjrgaEv3-sqyz8peqMDub-DoNHtH42n2DzY4rqLKOtSdEhDsTIrFUTwkKh3UVnSnvNNycWeSZtjLMVS8U4QtzwgnuoJopqWCdOMlipndOpjZrFqrZSIm-0t0OameCdMXMc8SvN0Mo9WEv5IaN-ZU6WWlzwTSYnqaidZnOeLWvHjZsGgN2z6L4hX0XhgA2fi_xexbB858AFCEHYzGZBM8pAgb5Lgxf9M9fzvSEqACtdEgMClfrffRDWyTzXOakVPUcLb5LuejMqD6UySU3gNC3_bsKu3_E-FzwX3JxUftG1xC3VokqlBWZHjBzFkNMwumcgxuAmzMVUXypzItyYEQ9vAiVQjsrMvQlr-E1jiaW8ynZ4Rc3XWHRI_qLJtA-ih_j_Pk2aroTUuMwPSB4bpbc49VuTTvjrHLcXkPzbN7N2JHt2_2m2i-rc6CtY67SjfbMo7BeDsyhDjyJcKveeDHyEXTKWugFspRO5DNFX3MZoKg0IS44x_M_6JX8rOZ74NbtxDD3XgKSReK3zGyPzjQTecEutOI_O4A8Jwr3jxPUSJ6AY5GKdhkmyMRBd8ilvSrJvVfTGdsbJSs0kZiUh6JZnE9oRUENlpr2WcvAQEujH8jQuRDY_PvD-1B9lM_wdF9_kEeDhTLTx4vAaNISIORTp8dEciF8mpfbxnSqDLXjw-ddUepj9HkiCOiCt9gdGsD74F39WJJz8XsA2H0SLR3Ro3ZnHc6D8wHtBepUiepgV2rKeJ5r4gffhOpUZd8WrqKN0hyDSKQwo_j0O6uKhVnz4VvOg7H9fy4WRiis2wVsbAsVB8rBvW88z4LR1ZRpw45oOAwLOSClukew2jEGnEVuHbhVeVMgCMahawnS8cfmB4bzv6kXL4ldflQRx5NJ34zYX5AMl_cyk1z8a2YopJTWRpPBT3x8RZLckFPYbssXnHiyNIVucNEryIImvTXRUsW8d1pvkJkt4dspZhA7Ms-J2pA1kA1oNKUotIC--XxfWQctVBSy7PGpgv2jYTlc76MKa04sH_Fa8MDKQ0Pi0F5Xb92EaJ5AM3TVhwvxizU-B0LzRaG8b2pgawnT1lKt-ejSOtsYEd2mPsPbZM4sZ37azRFI9JvYx69B3S4D7hHwNeGKhwasKze1Be077cJy4PSLQNXLX_LtilMvOkEimyuBl1dRYp9s57GaVCHiyqbZgjnZGJbYRZmIdR_rxjS3Q0SDZDGMxGhH2fSCjs4aCBe-bxUM_bG59t5Y1J7lbipnFjIRyIzIxwCSD2fhftrRbORIFZx7VmpuVG_BmNob05NjfBSOd2pzNa87WOKABE9DC1S6yYjFgu-_vuMy12K7PaBnfGt98KSwAlVzh3UkkTYWbxcCy_fGyvMvqxoGGxdv8txWN7ob0sWbGanWUWG2wegQNk6ZG1RJFiQGZ0hOXW8j0H1xN5iznuzrpLwWxwNbBQAhCfOIN5VQP8Gsfw-i6mDhHx5hVgzLMTJbYtxfiAyJT9sYxIE6i6T9bDsFov9GGmxsvjEWKbOk5j_MTYQWECQwIVhYOWVXtRw2sY8uyRv8jn9k8FTBz_kv76n1uyiKotyRXGLP6BTebHHx6Q9jJsf_FwamHOP_5_GDTgQHp7JptnewI-3vvzLZWZsQDIt4VDrm5wsDHCTx2FepYaU23C-rO4Ha783V5pi1w9XJ6sbAqgwTUJbsE1ekN5oeiw5YL4u1XJjYFJ3LqCQT7qQ9UAdUuvSoHKSRUFXFwD6lETUVlh2P-nXW8ISrrqiUMGOwBnowQETVRaVOTMB0_nFu0WETSi1FtzyEj3UYGiGjrEJbU9dpB-_tXA6kCfntMfvQ7W786ZGaGJvo4CGVZpQcDqIl3Q-cTpBlQo42435_N2GgXfCk84sAq9JWkETmZZOQ8LBLNFGpLoZXi-6dyuH13sHfbWOyCopuUiTbBWqvXVdvdvxW72apTLndEAd4x7fKCvV5RU4qoHaJjyxxg1XgMJNoTroXcZOi5i60AhafZNG2Zn3Hg_VFL0yU7tw7fg3nh-_zS9WSKylnLtwoBDAsZ1d8-Pu2vnkCZeu27ZIFH2DR119s9gr8hyMu0vRSsLYgLsI3ahBbDj7Kcd6jFWbdcciLksbK2QYT79v2trIiMmUkYsJub0UKJqJeI3Sounl0uT9Qp2fi81wvLoX12XET9YhNdjNxrENqrjrI6Hw0NYcJsHSzQ&cid=CAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcettest.org%2F&ds=l&xdt=1&iif=1&cor=7850404630048310000&adk=1761367584&idt=136&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

13759c4f299262320974e86d2cc7481b2a235547aa4121acf8a0226d377605d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13967
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame B96F 9 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 23:11:13 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 23:11:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 6F0A 9 KB
4 KB 40ms
39ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 57371
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 23:11:13 GMT
etag: 12051592065903069241
expires: Mon, 18 Dec 2023 23:11:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FCCA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9k3dqjxvZdDxOrWajuwPrtyTwA2fvKHTdJ35_6j5EdKq7b-HQBABIMLo4ntglYKAgJQHoAGm1tvcKcgBCakCuJjczsErsj6oAwHIA8sEqgSFAk_Q7yHGYnOfcKwMdQ0a7awXeR65v8bpA52...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213660870446669704984%22,%22debug_reporting%22:true,%22destination%22:%22https://solaranlagen-magazin.de%22,%22event_report...

0
0

252ms
77ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213660870446669704984%22,%22debug_reporting%22:true,%22destination%22:%22https://solaranlagen-magazin.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211200293670%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224102231054251198849%22}&andc=true

Requested by

Host: cettest.org
URL: https://cettest.org/comerica-bank-login/

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13660870446669704984","debug_reporting":true,"destination":"https://solaranlagen-magazin.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200293670"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"4102231054251198849"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 15:07:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13660870446669704984","debug_reporting":true,"destination":"https://solaranlagen-magazin.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11200293670"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"4102231054251198849"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 173ms
75ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 15:07:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame FC4E 51 KB
19 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame B96F 4 KB
767 B 56ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:54:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B96F 205 B
519 B 45ms
38ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 12:13:25 GMT
x-content-type-options: nosniff
age: 96839
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 03 Dec 2024 12:13:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame B96F 604 B
695 B 45ms
39ms Image
image/png 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:48:38 GMT
x-content-type-options: nosniff
age: 22726
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 04 Dec 2024 08:48:38 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame B96F 16 KB
7 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:04:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6758
x-xss-protection: 0
server: cafe
etag: 13232977368472197749
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:04:39 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame B96F 22 KB
9 KB 46ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:00:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65192
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9196
x-xss-protection: 0
server: cafe
etag: 14855042226819348905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 21:00:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 6F0A 24 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73FE 143 B
166 B 42ms
40ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 14:38:27 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 6F0A 3 KB
1 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 6F0A 20 KB
8 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H2 200 5370432409221718499
tpc.googlesyndication.com/daca_images/simgad/ Frame 6F0A 40 KB
40 KB 42ms
41ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5370432409221718499

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98f7d52de022e3c8a9d411824f21d1c8975bc9feeba8f86afce2730d76b0669f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:32:39 GMT
x-content-type-options: nosniff
age: 20085
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41011
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 09:24:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 09:32:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F0A 202 KB
64 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 6F0A 36 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14794
x-xss-protection: 0
server: cafe
etag: 15882346334465922746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:45:36 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 9CE0 51 KB
19 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=2067144678&adf=4055265243&pi=t.ma~as.2254100345&w=816&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=816x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842541&bpp=1&bdt=451&idt=396&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=190&ady=820&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 75ms
75ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 15:07:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 14C7 14 KB
1 KB 51ms
51ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:58:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 14C7 2 KB
822 B 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:34:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:34:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 14C7 24 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:39:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9313
x-xss-protection: 0
server: cafe
etag: 8709779397046830652
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 22:39:52 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 14C7 3 KB
1 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 18:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 18:56:04 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 14C7 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:26:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8549
x-xss-protection: 0
server: cafe
etag: 755982428571291914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Dec 2023 12:26:17 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14C7 202 KB
64 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65147
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701694399686299"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:07:24 GMT

GET
H3 200 7a8419aef3683f04c437bd15cecf843d.js Show response
www.gstatic.com/mysidia/ Frame 14C7 37 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:09:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15452
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 19:10:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 03 Mar 2024 20:09:22 GMT

GET
DATA 200
OK truncated
/ Frame 6F0A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01d81bf26970ab7af66656de74f82e1e61a3013481d5550942f3cbe79af8f9d3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6F0A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C4CmpqzxvZdugBaO_vcAP4p-AoA6RjImHdK7BtvKnEu6_i6nePBABIMLo4ntglYKAgJQHoAH75N-YA8gBAqkCuJjczsErsj6oAwHIA8mEgIAEqgSHAk_QVAIPoyKjTi5cgJGcaFxmfpyqK3d...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210527982365460858973%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%222...

0
0

76ms
75ms

Fetch
text/css

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210527982365460858973%22,%22debug_reporting%22:true,%22destination%22:%22https://enpal.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22857207419%22],%224%22:[%2212-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210468161930946269137%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:25 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"10527982365460858973","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"10468161930946269137"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 05 Dec 2023 15:07:25 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10527982365460858973","debug_reporting":true,"destination":"https://enpal.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["857207419"],"4":["12-05"],"6":["true"]},"priority":"500","source_event_id":"10468161930946269137"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 73FE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

57ms
54ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:25 GMT
expires: Tue, 05 Dec 2023 15:07:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:24 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B5CF 41 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cyv07QLNTDa-OpZITXR1Wk6noBREvqUCBwVkaysGDo9lDInqyYsV_sTyXw7zxcVp0mNRc4_XwXLI_dyChPUVeFpXPg1EvPfngiXehFCSHcyuQ-G0PJJPZYF9VeVBYBwLwAe2-ePCpZe5lJDqNV5eIJiZoyF9rzd-s6TfgBx7ATgwX-mCE&cry=1&dbm_d=AKAmf-DNnJPXuTI-B7LM2h_ybyU2iQ4_1E9l3oh2dI1EvPaYnbpjC9wbxDQ8t60sX8lo_MqcM9AkAofRDlNLnC3fSBBkLKMvViMfDG7GXe0sK5fITuPf5lxOJkFW6ftqJggWKPbTZgYsx8Y-Npu9M0wIhpTbie8VIhQhdBpzLFDBdRewIF-NA65iMHQorM6U6y6_YV7OX-6AfLjSp3DBkV5XsZ6cHIbedUdm7tGAIaM_aNG5tnQH0oSFb4vdd4lJIccCIObI3u7ghqeRC9iLf_J2uB8em3cKi2gJTS6J3CWvpR6HjDJN49CR5kuzvvmo6NMKS5gzeqMd6rs3-BO0nTf_yI8S2RLo3pD42KH2ZdOnoszV3GQlj5gyoTY7Nkd4ROE1Pj22eDLoUQZ5Qzoc9DCDsQT_cOWVRg90rd8pvxSmQaWObQS5ae-MSGC-D9wIXk6fi-ChArxeMJ-3luEb4anPRkWNIWF__IeDLmkpfIqFOnh10aKDVMfvmVpoGiBblJnkTRv9_tPgcNK8G_0_tENREj_ZB9VaROH6Ev5P-zJYg-xBXIFYQBDoI14AyPixtVQ0RRilQZ3KHSZmRWPNYo04EGh_y1nzASuXkSOwBmEEtylNmojz9QSlh4uSOmNO8bbJEGLOT0ielcLC2g3b09GnilThx4GClL0CeCcZN-wkSISBRE0gx5QppYyWmff97TLZ-kpLTIVOf_t3xcBdBJpJYfvXFH_jwHqpTT2vPRJfyU_gVB17Ws8Ii-LR_snIjrHXU2pC2HgclyLs87NdLSRpzoS4WGv537deza5nDWv9ExMnpZhQVRx1bX5ICy_fzVCKTViZ7p5Hn4JHb44isj04GXFy9UHydRXJd7LCOTbkMjO2qfrUXX3CwwdfAAQhIeM80hdSkm0kMT7Po5Vc-ZrPYngjKPxGln763VAZ7nyYr1uuYCd9vVokxi9GkLdsB2KE85S-1Cy8rrhinckuG-Qhue5VAuTuoLZVwsP9csattJardf2bvJ9od1r7dGbMw7HwnopFUlujJ_pF2TKkYScJiC_JB7JQeQuTinkj3O1zKkJvrKKeYSZ5JWY502SL6hNRbbMCZSXiLDBkEyyzdAbdKg_OpEcPvgBXu3MP8-Ygzg0Kxz3ci_0W9ji1abl7_4Khb_3PCzW9by9YRFPlre05nQaskAm2KQyv2OrRMaymaGmnUMA-ucH1Gw4xZbxr7D75N6WZrkkXJZSjj8Ye4Qa9_R5JwAk3QE84VIqN7deae6Ljx7rGH4qJcC_BwNlz1bKJLK0EZvXghVgmJ3DUKRvxJqsu3WAjdGrN6w4Bu1qUFki5rxu3LoPgYvA-JobJiUaOejvEgvHMh_xmO4jQd1RoOAxbuK4AzcUlOSKDkRUDyCVo5hNcQlVyDtd4esk3i13WQLa4pfp6r-fDKPVzGnJ_AfxqYd_NzJHIqVzs_kn315JHjJJupKqIO6zpndt_nhe40D2TR2HIn5l4LJILATDc02f65IE-fDncLeJbl-Np_2U5uYO01_mR2_bbfuznJJpI12YluiuZSbJ-bK0AUzqx88Blheenf3eAbJfylaBFblA-UFS-IbHfc8X90MxjaHrkBfocPEwNAjfGJGySDyWAY_OUqVTtZsgmY3uOq77Ym36Mf86A3CefFQMpegnaBRn_Oj2HyZXYu3s_Ga-x6kWyKlpYHV_MCAII7wed-_IZmgVqS0ta_WHRqBkjNzkTm8yDL6C5CjrgaEv3-sqyz8peqMDub-DoNHtH42n2DzY4rqLKOtSdEhDsTIrFUTwkKh3UVnSnvNNycWeSZtjLMVS8U4QtzwgnuoJopqWCdOMlipndOpjZrFqrZSIm-0t0OameCdMXMc8SvN0Mo9WEv5IaN-ZU6WWlzwTSYnqaidZnOeLWvHjZsGgN2z6L4hX0XhgA2fi_xexbB858AFCEHYzGZBM8pAgb5Lgxf9M9fzvSEqACtdEgMClfrffRDWyTzXOakVPUcLb5LuejMqD6UySU3gNC3_bsKu3_E-FzwX3JxUftG1xC3VokqlBWZHjBzFkNMwumcgxuAmzMVUXypzItyYEQ9vAiVQjsrMvQlr-E1jiaW8ynZ4Rc3XWHRI_qLJtA-ih_j_Pk2aroTUuMwPSB4bpbc49VuTTvjrHLcXkPzbN7N2JHt2_2m2i-rc6CtY67SjfbMo7BeDsyhDjyJcKveeDHyEXTKWugFspRO5DNFX3MZoKg0IS44x_M_6JX8rOZ74NbtxDD3XgKSReK3zGyPzjQTecEutOI_O4A8Jwr3jxPUSJ6AY5GKdhkmyMRBd8ilvSrJvVfTGdsbJSs0kZiUh6JZnE9oRUENlpr2WcvAQEujH8jQuRDY_PvD-1B9lM_wdF9_kEeDhTLTx4vAaNISIORTp8dEciF8mpfbxnSqDLXjw-ddUepj9HkiCOiCt9gdGsD74F39WJJz8XsA2H0SLR3Ro3ZnHc6D8wHtBepUiepgV2rKeJ5r4gffhOpUZd8WrqKN0hyDSKQwo_j0O6uKhVnz4VvOg7H9fy4WRiis2wVsbAsVB8rBvW88z4LR1ZRpw45oOAwLOSClukew2jEGnEVuHbhVeVMgCMahawnS8cfmB4bzv6kXL4ldflQRx5NJ34zYX5AMl_cyk1z8a2YopJTWRpPBT3x8RZLckFPYbssXnHiyNIVucNEryIImvTXRUsW8d1pvkJkt4dspZhA7Ms-J2pA1kA1oNKUotIC--XxfWQctVBSy7PGpgv2jYTlc76MKa04sH_Fa8MDKQ0Pi0F5Xb92EaJ5AM3TVhwvxizU-B0LzRaG8b2pgawnT1lKt-ejSOtsYEd2mPsPbZM4sZ37azRFI9JvYx69B3S4D7hHwNeGKhwasKze1Be077cJy4PSLQNXLX_LtilMvOkEimyuBl1dRYp9s57GaVCHiyqbZgjnZGJbYRZmIdR_rxjS3Q0SDZDGMxGhH2fSCjs4aCBe-bxUM_bG59t5Y1J7lbipnFjIRyIzIxwCSD2fhftrRbORIFZx7VmpuVG_BmNob05NjfBSOd2pzNa87WOKABE9DC1S6yYjFgu-_vuMy12K7PaBnfGt98KSwAlVzh3UkkTYWbxcCy_fGyvMvqxoGGxdv8txWN7ob0sWbGanWUWG2wegQNk6ZG1RJFiQGZ0hOXW8j0H1xN5iznuzrpLwWxwNbBQAhCfOIN5VQP8Gsfw-i6mDhHx5hVgzLMTJbYtxfiAyJT9sYxIE6i6T9bDsFov9GGmxsvjEWKbOk5j_MTYQWECQwIVhYOWVXtRw2sY8uyRv8jn9k8FTBz_kv76n1uyiKotyRXGLP6BTebHHx6Q9jJsf_FwamHOP_5_GDTgQHp7JptnewI-3vvzLZWZsQDIt4VDrm5wsDHCTx2FepYaU23C-rO4Ha783V5pi1w9XJ6sbAqgwTUJbsE1ekN5oeiw5YL4u1XJjYFJ3LqCQT7qQ9UAdUuvSoHKSRUFXFwD6lETUVlh2P-nXW8ISrrqiUMGOwBnowQETVRaVOTMB0_nFu0WETSi1FtzyEj3UYGiGjrEJbU9dpB-_tXA6kCfntMfvQ7W786ZGaGJvo4CGVZpQcDqIl3Q-cTpBlQo42435_N2GgXfCk84sAq9JWkETmZZOQ8LBLNFGpLoZXi-6dyuH13sHfbWOyCopuUiTbBWqvXVdvdvxW72apTLndEAd4x7fKCvV5RU4qoHaJjyxxg1XgMJNoTroXcZOi5i60AhafZNG2Zn3Hg_VFL0yU7tw7fg3nh-_zS9WSKylnLtwoBDAsZ1d8-Pu2vnkCZeu27ZIFH2DR119s9gr8hyMu0vRSsLYgLsI3ahBbDj7Kcd6jFWbdcciLksbK2QYT79v2trIiMmUkYsJub0UKJqJeI3Sounl0uT9Qp2fi81wvLoX12XET9YhNdjNxrENqrjrI6Hw0NYcJsHSzQ&cid=CAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fcettest.org%2F&ds=l&xdt=1&iif=1&cor=7850404630048310000&adk=1761367584&idt=136&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 16:17:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 255002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:17:22 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTc4ODg0NDQ1MTExMQogIHNlcnZlcl9pcDogMTI2MDYxNjg4CiAgcHJvY2Vzc19pZDogMzAzNzI3MDQyNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame B5CF 0
867 B 188ms
75ms Image
image/png 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTc4ODg0NDQ1MTExMQogIHNlcnZlcl9pcDogMTI2MDYxNjg4CiAgcHJvY2Vzc19pZDogMzAzNzI3MDQyNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzNjkzMTEwNDE0MDg4ODg4MTQyCmRlYnVnX2tleTogMjU0MDQ4NjYzMjkxOTM0Mjg2MgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTItMDUiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjI1OTc0MQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjEyMzIwCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZC1zcnYubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8va2xpY2std2VsdC5kZSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x67c171d8ba4de45f0000000000000000","13":"0xb668e6866b4772090000000000000000","14":"0xd33526cf05b9123c0000000000000000","15":"0xff96e38e0e3df10a0000000000000000"},"debug_key":"2540486632919342862","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"3693110414088888142"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame B5CF 12 KB
4 KB 151ms
42ms Script
text/html 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1701788843145917&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 7ff7882c19a951c8a371370543c425df8aed798bedf7b7f600bda144ecc996c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:07:24 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4237
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 38ED 51 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: cettest.org
URL: https://cettest.org/comerica-bank-login/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 74ms
74ms Preflight
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 05 Dec 2023 15:07:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame CCFB 38 KB
13 KB 45ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 97259
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal90009.redintelligence.net/ Frame B5CF
Redirect Chain

https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

4 KB
2 KB

198ms
118ms

Script
application/x-javascript

138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
Protocol: HTTP/1.1
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d827e8ca80b79d42121fce6ca1281db45d00e445ac29bc08b7f5709edfa85783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 15:07:25 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 74828600138097904444994012529009
Connection: close
Content-Length: 1369
Expires: Tue, 05 Dec 2023 15:07:25 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 05 Dec 2023 15:07:25 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Tue, 05 Dec 2023 15:07:25 +0100

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame CCFB 39 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 00:33:52 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame F3C7 51 KB
19 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 13:53:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 13:53:25 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CCFB 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B2pgSrDxvZafEG_iYjuwPmKOkqAsAAAAAOAHgBAI&bg=!ODulO3TNAAY3kmNgF5I7ADQBe5WfOBn_Gmyu4OxEeVxZzqlmA64bUws4vWJ9fNId1KWP9ajbBAT8W5Rn6vVudQspi_UlAgAAAJ9SAAAABGgBBwoAjmf5DsSllR-Ni3iEWSZIXRu_nJnBDgsToxA-UAS8UbLGif3pCnTHQ5quIE4u8qzn2rAVUlNzrv4qLrh4-Vctsx68SbfVJdnwCKcGk3emy5grkYl3o2HUI5LfeqWIldLmGkCVskgSE6ZALOt7RH6sKkIs9As6hHefsR3M9j1C4Zonwjc2ZqWnSMp0bLfTrA2ZAvsYsALkkA5Bdhp-lFOM7EguyKigDDRyB-Nsa-ZNo7NZCLOq4mm62baTPyDoAisN10jhTIVAs02nmQXwnjPxTH_m8uY5-jgRNxvjMUTLcs9vYGnKVaKNqaea3HgNDYTNu-eXZZDH4As4Sc1fKHd_A4yvXRnVzOKRNZ5GhIOcEZz58PVk-SdDVzukxBJaIV6dOKOL1yRJnug0DEPXb3PWJiHJUuLg9sZS7pB5i7Z2Z7CFaKBCXD7hGRbKiiBESnUi1YjCGNSwl4mtuDrjxDRvLv2EsbZDAZyWyjEY2a6THVcSBml4Cj2_FUCgy4FmAnb3AmDFod1T5ZNlZ2NRUL80nkj0nYi0WT5vv5E-bLN-zXYEpdRxi0yHSQDTmvbvNcTGZmqpgrV_6INU1XWinQv6GZSNysd4gzI6vKDfT3AJ5abSi0c8mQQL7__6ow81SFnprpThOI-j_s_tEZAocsfPbebpoNKb0eeGNVdipRnzi8T34DHhGd5sjLrKhx__TzlxvLRsgU2IeulBvFNMxNB_DPxT3rVsd_FN4OsDvFFnoJZ1HPiR4vHt9hZ_eVJW98IGb4keLOo5Ml4fTNsqJgy_cTgAf5nLDm_OPSV7OSSj8OPzT0tQQvc-D1EgrV7RSR5o0PbQgcn2jC9y-BoEIbfW-b5z3BKwCuRGktX7cI5W7wN5_Vb1BOHL1RND6ffTVFRfS4YKLT4p-lZiduFKtePMYjQO-BzZ9Xayc8-cNuLsM-HDsvvEALo8hNNtDs2dT4E73kqz220zBJPkb9qDefxVXPI4Pos9glQxVhTgKYHwdC5187JxpKJicPtlY8-Ex2sXqa-4j8Rna80uOB_66yNvuFCNBSDFUwRTsb8lWsdPuJrYUegoYbZKjMPWzDwXkNCCMuFClN9cI6xWEYN2UbZtu9HR4gUKMQozYmj4cOuMUun05RV80AKB7L09FZ4RW7t9ZFdtalvmUJBbYDTaLMPhVkanqPzHWfXfsMLSEU46EeJckQ-jMNvN8ztFtr5p

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame BF1E 0
327 B 69ms
60ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=74828600138097904444994012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Tue, 05 Dec 2023 15:07:25 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 55AE 930 B
923 B 186ms
42ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Tue, 05 Dec 2023 15:07:25 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Tue, 12 Dec 2023 15:07:25 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2

200

htlp Show response
futalis.de/ Frame 99A4
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=74828600138097904444994012529009&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3365337772

350 B
401 B

152ms
44ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3365337772
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Tue, 05 Dec 2023 15:07:25 GMT
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3365337772
p3p: policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server: Apache
xphp81: true

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame B5CF 0
326 B 347ms
64ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=74828600138097904444994012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:25 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame B5CF 43 B
360 B 344ms
62ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=74828600138097904444994012529009&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=6eaddb6ee0&subid=&uid=4fe51a5f706f9e4b&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCVX3-qzxvZf3zCNaavcAPgfKzIKblvaBpvZOcp8kP8C4QASDC6OJ7YJWCgICUB8gBCakCuJjczsErsj6oAwHIA5sEqgSVAk_Qdwlr2XX99OBzZzjCDzPygllhMJSP-DVyCVsB_ltzUQdbtxbkXjOOyt19OgZ8Xcq1-kEKe2ukoqFWrFZWCWMhVCdVWkJjTDE13qD4aYYMYW2C3zlCw3YjF2W6Xj50IjQL_a_hv2fXaEnWjtNwO7JMcsAuTheRLYbXs_qXI9tSk50bQohtFBx1Ap7Y8dwNtUW6OqNep-_ew1HCmuGkFaO-Dl8AFjoqaqp-J2jI2btu3uZVCnk8CXzdouMJFUY8DyHEChZpmQlrVS-fPoQcbnjGN4WfZSrmtZhgI7Skv3Vya5-lHtloskM6TqTkHhrZ1XSGVD2aYY7UHAJr6DvGO2EcpgR4m3bRa0PHwvBJJ8MKoNpw59PABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY-ujhu8n4ggOACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNxFApLX_pwqOGmwFG42Fvz7jf9uKUJ2HWWX7vNWexZeuAquhLQBwKXmwS63-bKtLiyCpLAE1HtHOmmeM9Smc0LrID2p8twU7hDxgB%26sig%3DAOD64_3-1hASw1_3JXDMUP9DU7s4yWJ3SQ%26client%3Dca-pub-7514551766154384%26dbm_c%3DAKAmf-AdPz01zhkQbBDylIPpGFF2xcX43-fHVAPKhg-nek5x176g3R3bm2xTKTA9XIgDL_66zWP8kksaguDRw8az6rOppYx0K3nNrF5Kye9dxWvjLi5jIxm9dQysaQCHMT0HRwdA-mZImbz22JXHa9Wf1qA_eXLOocCoRBeEx35QbusMWPXkrj8%26cry%3D1%26dbm_d%3DAKAmf-D7O5o_d5PX4Zx7wuClqZ0EZcZB2EA3dJmvl22QZ7zhs6m1bTg3FAhE2fvEqRFnN0prA28QcE0XF_oYllOg47gUGY7BybaynJmJe00CTSfrg3yNKJGQkBoVPIZMUeNBtY29eN5CoIHQOkHmN_6WHX1FQsOLrh-K_zwbZ2b7owdZbWhXvlqnt-6SSLtNVzjtgiFgMIPaVCNO9a0uA6XH58UqRhPBMLY2tHq-WhhWtijWg9_lQgTIZFo0HMuurvhRPqNMBuwrJriCZZjq0IDzxw2prqgLO4E-IUuWBzgcZx9EHPqIPrwl4A1i5T6sV9xHp12maB_a7rJDm8fj2u0uohvMd6bgYQ3yzP6bfwSxVS-KSR7dM-k0XeGuVRx_W8G9mdGHP4lRZr2Q86GCIj1ExZohByQgufBzKsBnZaxhMB31xJgOYfr_TUYX9V0V3NiD2OlopkbId1c69gr3KeMJCJFTxrl60Jgll5ydC3DsCRdkGhIRILDxaasRYz_PrCoQqLisLurjBrkxSXCCFRNeXBuR37OuHS64_01t2uSI3W5U2jYiE89X5o0Q4Aog6g6DV4aBfL3m%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-7514551766154384%26output%3Dhtml%26h%3D280%26slotname%3D2254100345%26adk%3D1753697443%26adf%3D1266304483%26pi%3Dt.ma~as.2254100345%26w%3D549%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1701436764%26rafmt%3D1%26format%3D549x280%26url%3Dhttps%253A%252F%252Fcettest.org%252Fcomerica-bank-login%252F%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701788842542%26bpp%3D1%26bdt%3D452%26idt%3D436%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1200x280%252C816x280%26nras%3D1%26correlator%3D5316508558607%26frm%3D20%26pv%3D1%26ga_vid%3D2029513641.1701788842%26ga_sid%3D1701788843%26ga_hid%3D1531119087%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D326%26ady%3D1203%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C31079929%252C44807753%252C44807764%252C44808148%252C44808285%252C44809071%252C95320229%26oid%3D2%26pvsid%3D1389099523732639%26tmod%3D648729593%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D440&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fcettest.org&random=5117799607512&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:25 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 032E 42 B
174 B 158ms
157ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEOdrYsY42fBrZ0w812WTo0c1z6lJhyQSQOvGr5KQ4tL_zEqLo3GIXXVfgKWr1CI0XAwqDWG8jtOudVZwOzV7n-MzAP397d4hZA-XkmDjoMBFLri6XymzAdrTHekVeCBoF8KcEXKiDyz4R&sai=AMfl-YTB3Gd4zTnqMOUYBtMyB6DhnQC6C9MbJoIaikCZNd4VZU_swubwhg3zc0wcSBNvN7yNCMLZoYoN4APvFLwRSsrMHj-6tSAKxqLbva1kQQR3SuwYuygiwH21btbgBmVOQdC1ioTMCREs-3Oan5j8ftbiQtvO0FGBQQXb&sig=Cg0ArKJSzCHyB1h1fnEJEAE&cid=CAQSTwDICaaN5Vayy8-S0kP2NpzmA9eArJS9P6KxNSW0xdTrwpSkvZNfotxtS_GYuoPVWxEsjlPvG96j02dgrxH5HEWBJXpSMgNxLTtbyuN6SrMYAQ&id=lidar2&mcvt=1000&p=0,198,280,618&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=2067144678&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701788842941&rpt=1441&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FCCA 42 B
64 B 168ms
167ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssuOJBVpGrWm_A1Rs4yLDIEo3nWioZF6_ENryEls-RaaTQGXK-8jbLdPMS_NVv06zK-gxU86wJdSSBgo0PN9ocHrAAs5EutHbGBikg9v-oNh8NZtl7aO1_dE6ZAK8srVDi6N55d6bBnWIxH&sai=AMfl-YQgEZDK8f1pSJCaTQYBtT_le134WyQ-v8XJu5Hz_udssv8gqFmp-pmTrssdxgCLX50UCIeyzfcgWdSHmf55lv5EwVYEP3fPnmUGuAb-wBmonFGDUP8hnzM31zY2qDCR1iSZw-rtrt1HfKwbesPYOdFpmGbPs-EqoCbp&sig=Cg0ArKJSzJ9i2S7KhN4REAE&cid=CAQSTwDICaaNHuQa2jQmRiis-VwiGinE_rakanHxAMxhEjLPdgf_9r3doPLT2D8GQ1igAmdITPA2Jdj_g4y250zBk0T9gS4uGb77KOaG5Qrk_bsYAQ&id=lidar2&mcvt=1002&p=0,0,280,1200&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3504406088&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701788842931&rpt=1632&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 link.html Show response
track.webgains.com/ Frame B5CF 2 KB
2 KB 246ms
120ms Script
text/html 3.11.198.160

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=74828600138097904444994012529009&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.11.198.160 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash: bb2225aac736f5cfd0aeaf3f61b319d18482ac5d101d3af51694827cefafe104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:25 GMT
last-modified: Tue, 05 Dec 2023 15:07:25 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 05 Dec 2023 15:08:25 GMT

GET
H2

200

activityi;dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36 Show response
5994599.fls.doubleclick.net/ Frame A03A
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36?

390 B
325 B

83ms
82ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

832426721f5fd4b8ded7418636bcd3c405f34132eec59c7581ee087d69f4d540

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:26 GMT
expires: Tue, 05 Dec 2023 15:07:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90009.redintelligence.net/ Frame 7E36 7 KB
2 KB 128ms
44ms Document
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 39df0dc4487ecd53dd755cde07dbdc1a3aab0b20960457d0641b7754b5942890

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2123
Content-Type: text/html; charset=utf-8
Date: Tue, 05 Dec 2023 15:07:25 GMT
Expires: Tue, 05 Dec 2023 15:07:25 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame B5CF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f42875d32926d38598ede13e4d56ab9feb1347515e5448cf45a640f80288203

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F0A 42 B
64 B 160ms
160ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAAD10-k-wX4yPclid854nZOi-H1RlgeuXEBYsx2sq1j68P8Jff6U8buLIX3958mSE4GzvNbykVi6ZOWvfCEDVN5gTownQfaksFG7qMLcVM33-UXmCEqhz2oH0ZBYrlHNwNSAXxC9E0iGC&sai=AMfl-YRnF_ynHtcal-N0xqUYIecfufC5VziDzZL-wkKsJC0hL3TRQDOpcM4mIODYHOrp8TOehune9534tNnK_nIy96sBiOdhU48X8Pcmydfb1WrIFjmqYiYUzopi1b5J2b0iLLyvPTboEQElqR_zs1hP3gVjfS1T1rb5XvQ&sig=Cg0ArKJSzO-tqtazSa7zEAE&cid=CAQSTgDICaaNVnxV2snz5bAlfSDiEiYpZk6Bnd3Av4bMyZMeeAnhqGrEuK_L8L4DyLDeA2GrGCC52rZFyqPwAfbuF2EzLTaETLMbiGHL3qVMFRgB&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=104,792,1001,1030,1030&tos=104,688,209,29,0&v=20231204&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701788844460&rpt=352&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 55AE 175 KB
63 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b328d831b112c1505a892a225cc9a0fb223620a8eee293e92bd4850e302bb94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:07:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7E36 5 KB
682 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Dec 2023 15:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Dec 2023 13:53:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Dec 2023 15:07:25 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7E36 17 KB
17 KB 140ms
55ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e9e614e3e2274b9b8ee1325f93e663283d2471317e656a5c1fa434ab9e899c17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:07:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16982
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7E36 16 KB
16 KB 138ms
54ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: b56ce7661c47c946a1fa893fd3b5ff9fd37cf6afde0ddb44731e5d44462d3057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:07:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16512
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 7E36 13 KB
13 KB 139ms
55ms Image
image/png 138.201.84.244
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.84.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.244.84.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 5cab8734a0dede586fbf6128fdac19e68a021ca0093c2ac336d04ff08bfa68d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:07:26 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12997
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal90009.redintelligence.net/ Frame 7E36 0
150 B 133ms
40ms Script
text/html 138.201.63.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90009.redintelligence.net/viewability?s=74828600138097904444994012529009&a=2502c525&vb=m
Requested by: Host: hal90009.redintelligence.net
URL: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90009.redintelligence.net/request_content.php?s=74828600138097904444994012529009&a=7e10b066
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Tue, 05 Dec 2023 15:07:26 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7E36 14 KB
15 KB 56ms
54ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90009.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 14:41:12 GMT
x-content-type-options: nosniff
age: 87973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Dec 2024 14:41:12 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7E36 15 KB
15 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90009.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:54:24 GMT
x-content-type-options: nosniff
age: 22381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 08:54:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 55AE 274 KB
91 KB 62ms
49ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1770967bb50d02afb34c7bc985bef2d369318f696198c7609dbc98f7f955e036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93059
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:07:26 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 99A4 5 KB
5 KB 39ms
37ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3365337772
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: 525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:26 GMT
last-modified: Wed, 05 Apr 2023 20:14:46 GMT
server: Apache
etag: "1416-5f89c717cdc2f"
content-type: application/javascript
xphp81: true
accept-ranges: bytes
content-length: 5142

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B5CF 53 KB
19 KB 199ms
45ms Script
application/javascript 18.66.147.120

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=74828600138097904444994012529009&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 12:36:08 GMT
content-encoding: gzip
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
last-modified: Thu, 23 Nov 2023 16:26:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 47321
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: We9-_4wnoD-JSXmYYgmlSiWiAjUmH_nT6P1PwJBtXDRmlWC-0omelA==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame B5CF 85 B
447 B 208ms
55ms Image
image/gif 52.84.45.58

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1701789145&Signature=IPBFQWsMMtnrYIy13Yw2A6cEWOXlccQ6fUHjcy9-VdtSRIxf00F1mK18XGaiR3JUfzqIEy1juih-PGNxyUd93qXdoqgh80MaUL7iNnZIrumu9Wfj7cj6uYe0sX7jGhmTBTA5KH90kIUvxSJFAbf4mEDjda2ySUJVsIib64RZ9iUhiBhs-QJ~5pzTQxj4g2q~BvBkX71DNMuYxyHoY4nJDvT7gTkn1gLAkeaXgoBZlFYj1D9vJFBg6SJHYN1oCkI9Qv4yfmlzXUE9z1i0arMKFHfD0sUIuTdnRp2lleiHnwjimHBPajMAKfCCBFWy1Dmn3U2r7kK9B3Q3pLVcFE1ovw__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7514551766154384&output=html&h=280&slotname=2254100345&adk=1753697443&adf=1266304483&pi=t.ma~as.2254100345&w=549&fwrn=4&fwrnh=100&lmt=1701436764&rafmt=1&format=549x280&url=https%3A%2F%2Fcettest.org%2Fcomerica-bank-login%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701788842542&bpp=1&bdt=452&idt=436&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C816x280&nras=1&correlator=5316508558607&frm=20&pv=1&ga_vid=2029513641.1701788842&ga_sid=1701788843&ga_hid=1531119087&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=326&ady=1203&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079929%2C44807753%2C44807764%2C44808148%2C44808285%2C44809071%2C95320229&oid=2&pvsid=1389099523732639&tmod=648729593&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=440
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.45.58 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 05 Dec 2023 14:20:51 GMT
via: 1.1 e79b73e5f9ad915693bd9b6946372e82.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: MRS52-P1
age: 17944
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: c96sWOiQe0LGXRTaDBt_GGjXZlil_rDCu3te1DzPUYV5KFFU3q9RDg==

GET
H2 200 dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36
adservice.google.com/ddm/fls/z/ Frame A03A 42 B
401 B 174ms
77ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIywlb3J-IIDFccPogMdjE4HcQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=6296575581204.36?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Dec 2023 15:07:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 88ms
87ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78af2fa3cde6db6e855812c8d221c6162fdbf9ff2709f38ce2be4d59d461faec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12202
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cettest.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Dec 2023 15:07:26 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C27 13 KB
5 KB 45ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 16554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 10:31:32 GMT
expires: Wed, 04 Dec 2024 10:31:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 34D6 829 B
561 B 55ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d0ebc9e1f849ec71666cc74833af16613e9e5f887c475a1ae546dc74cc291e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GqfmPIRk_OZVGeCIp9r22Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cettest.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-GqfmPIRk_OZVGeCIp9r22Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Dec 2023 15:07:26 GMT
expires: Tue, 05 Dec 2023 15:07:26 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B5CF 16 B
209 B 105ms
104ms Fetch
application/json 35.176.121.206

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.176.121.206 -, , ASN (),

Reverse DNS

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 05 Dec 2023 15:07:27 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 185ms
45ms Preflight 35.176.121.206

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.121.206 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 05 Dec 2023 15:07:27 GMT
server: nginx

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 34D6 0
0 109ms
108ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=1389099523732639&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C27 39 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 00:33:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 00:33:52 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1C27 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?CRHW3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 15:07:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cettest.org/	1970-01-21 02:19:08	Name: _ga Value: GA1.2.2029513641.1701788842
.cettest.org/	1970-01-20 16:44:35	Name: _gid Value: GA1.2.1573115588.1701788843
.cettest.org/	1970-01-20 16:43:08	Name: _gat_gtag_UA_205472659_1 Value: 1
.cettest.org/	1970-01-21 02:04:44	Name: __gads Value: ID=32a4c756c012f505:T=1701788843:RT=1701788843:S=ALNI_MZFl5nP-tDkgeL3VM-MdQubyMqmcQ
.cettest.org/	1970-01-21 02:04:44	Name: __gpi Value: UID=00000d0b24463e92:T=1701788843:RT=1701788843:S=ALNI_MYiydFmTAFivVFjN1M95V2XqqX1gA
.doubleclick.net/	1970-01-21 02:04:44	Name: IDE Value: AHWqTUllUmJT595Gb4kAySCcdndLbc8WgyjXEteWGCC0br35aT52r8SUR2FdKNvH
.adnxs.com/	1970-01-20 18:52:44	Name: uuid2 Value: 987896614834664688
.adnxs.com/	1970-01-20 18:52:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?`j)Hjq!]tbPl1M>e)ZlrFUfJ+tGXxp?HMh#xb8.cEJ+pLEAb5TBErj(M_K?u%L[MMI3If)y3KL9D3I?-3cdf=Z
.doubleclick.net/	1970-01-20 16:43:12	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 18:52:44	Name: CMPS Value: 3228
.casalemedia.com/	1970-01-21 01:28:44	Name: CMID Value: ZW88rDBRlOp2xE6BUoleqwAA
.casalemedia.com/	1970-01-20 18:52:44	Name: CMPRO Value: 3228
.doubleclick.net/	1970-01-20 21:02:20	Name: APC Value: AfxxVi5O4XWHjTpCc2Ma9sh1a7nT_0XKdexF4KW8xXzT0wozp2R3aw
.googleadservices.com/	1970-01-20 18:52:44	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 17:26:20	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 18:52:44	Name: 8lcfmzhxc8d6_uid Value: 4c0bcad93baa1a32
.cettest.org/	1970-01-21 02:19:08	Name: _ga_L99XHQ6BNW Value: GS1.1.1701788842.1.0.1701788845.0.0.0
.retailads.net/	1970-01-20 17:26:20	Name: ppb2172 Value: 3365337772
.office-partner.de/	1970-01-21 02:19:08	Name: source Value: {"webgains_webgains":{"timestamp":1701788846051,"clickCookie":false}}
.futalis.de/	1970-01-20 18:09:32	Name: raSIDb Value: 3365337772

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
bankguide.net
cdn.retailads.net
cdn.statically.io
cdn.track.production.webgains.team
cettest.org
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90009.redintelligence.net
ib.adnxs.com
notix.io
pagead2.googlesyndication.com
pv.medialead.de
region1.google-analytics.com
s.w.org
tpc.googlesyndication.com
track.webgains.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
138.201.63.149
138.201.84.244
139.45.240.92
142.250.185.230
142.250.186.70
167.233.14.134
172.217.16.194
172.217.18.98
18.66.147.120
192.0.77.48
2001:4860:4802:34::36
2606:4700:3035::6815:3987
2606:4700:3035::ac43:a412
2a00:1450:4001:802::2002
2a00:1450:4001:802::2008
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2004
2a01:4f8:d0a:2321::2
2a04:4e42:600::347
2a06:98c1:3121::3
2a0b:4d07:101::1
3.11.198.160
35.176.121.206
37.252.171.52
52.84.45.58
91.121.248.44
01d81bf26970ab7af66656de74f82e1e61a3013481d5550942f3cbe79af8f9d3
03518a17675981ba84025c17cc038638110c38bc1bca86561529d117fc07172e
0468af8d74ba377eec707308168b6bfcd146fe0a2669a11a9af0128ad85b3bc2
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
13759c4f299262320974e86d2cc7481b2a235547aa4121acf8a0226d377605d0
16f0033ba7c6c6edbd5dcc9385edc162f3cab91504496918326925c67c092577
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1770967bb50d02afb34c7bc985bef2d369318f696198c7609dbc98f7f955e036
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
286ae8f6f3b40c865c819e95b49093e542333386e1c9a5d3563e14939f6fba15
2ca1bb1de7d7b50df141e9117e0c1f867d5dcbbb16ca7cea94516a8240802f7b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
330f05a0465e6632bec75cbd4202a8d05a78796fe1ea28b2c5424ea57081e3bc
35c857ea06fd8c7641bd212a1a0e363859ed869614806ffadc75808a380db4a2
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39df0dc4487ecd53dd755cde07dbdc1a3aab0b20960457d0641b7754b5942890
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0717c62eadf5412a2c5c634b11e147b7bc3bccad7c4390a04eee5bed115ebc
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c11d8cca51e027c6015a5e4adc90133407f15e240727846ff0fa34b68e33f2
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cab8734a0dede586fbf6128fdac19e68a021ca0093c2ac336d04ff08bfa68d0
5eaec56527975af57c1e4abf97d2d35cce00666e2ae547048c6bf271bb9ebc75
61af24b5c9f2ee879adfadbe3789e9f1866717e1389949d9dec17b26bc18dd71
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d0ebc9e1f849ec71666cc74833af16613e9e5f887c475a1ae546dc74cc291e9
6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed
78af2fa3cde6db6e855812c8d221c6162fdbf9ff2709f38ce2be4d59d461faec
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f42875d32926d38598ede13e4d56ab9feb1347515e5448cf45a640f80288203
7ff7882c19a951c8a371370543c425df8aed798bedf7b7f600bda144ecc996c3
81cbe79005ad7179f8bdce2a04db0232dc44731b2e2b09efdc78bf3cec2a10d8
832426721f5fd4b8ded7418636bcd3c405f34132eec59c7581ee087d69f4d540
90a82d38c851758d27264c3808c81e7e52e4b04e03f5adb29e0e5df5021fa4b1
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
9845e218b4040e5f30aecab78cdc0289e0b56f89a9642c0f3f527f61fb83cc7e
98f7d52de022e3c8a9d411824f21d1c8975bc9feeba8f86afce2730d76b0669f
9b328d831b112c1505a892a225cc9a0fb223620a8eee293e92bd4850e302bb94
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
a88ba0b09a4416c080044dc095eabf66ca59e4d12a1d6201457b693687be85d3
a8ca49249ca90a131bba14405671cb243da2849145a3d8074b0b5c232c2b57d1
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
add0c25eb062a0021a5bb58e9f60e1145cf85b3783128cf6899a79336b6bcdc1
addece7e66c89300368ec28cd45deb53eea9a3370121cbf3b7609c3373bb66d9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b56ce7661c47c946a1fa893fd3b5ff9fd37cf6afde0ddb44731e5d44462d3057
b6738331b4ac9f5a9c6c2cad8fa28ea9a6834d28bdc5ebcb545ec7a4acd6795e
ba5bd891cb35fd1e79b5520650ab0805ef73bb9a3c8f0b56244bd5b27ae4476a
bb2225aac736f5cfd0aeaf3f61b319d18482ac5d101d3af51694827cefafe104
c1e8df27eefed0250a8e2785a341a5d35d838d8136f4ffde3168c57e9137aa2b
c7308904efc8da3847aab82f9ab35918e8faccef6a04a6c657251759f30a8fb5
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce3955925daf4b2d81fbcdd1836817253885eb91a176e672a44932f64ade2741
d5d086ab8dd7703a41e01c913e225fafdc942be3bbd121dbd3c615f33091875f
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d827e8ca80b79d42121fce6ca1281db45d00e445ac29bc08b7f5709edfa85783
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1d529afcbb911c99bb039ba39c7fb6716275b97650ae816a90fc03f256542bb
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e563ed223752468401426e5468529384a27d0f8b43c45151f817b8191164e1c8
e6b4122b94b82886e32952c07c78d342647b3a38a2834f4489e0922308a95eab
e9e614e3e2274b9b8ee1325f93e663283d2471317e656a5c1fa434ab9e899c17
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb89bea8a270c5940b9e1a4c6cdba30d609f8010f72c43ced4531582c95cd952
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0661b34bdd99c850e7c1c3fb40188743848c2353682e600dc0fa009ced29f9d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
ff830edc4d163e56eb21869c7c57f79c5814df443f8dfc8a1e921975c8beead6

cettest.org Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

149 Requests

93 %HTTPS

52 %IPv6

24 Domains

33 Subdomains

31 IPs

6 Countries

2107 kBTransfer

5340 kBSize

20 Cookies

31 Outgoing links

Page URL History

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cettest.org Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

93 %
HTTPS

52 %
IPv6

24
Domains

33
Subdomains

31
IPs

6
Countries

2107 kB
Transfer

5340 kB
Size

20
Cookies

149 HTTP transactions
4 data transactions