www.taptobox.com Open in urlscan Pro
2606:4700::6812:b96 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.taptobox.com/
Effective URL:
https://www.taptobox.com/
Submission: On October 16 via api (October 16th 2023, 8:22:20 am UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 82 HTTP transactions. The main IP is 2606:4700::6812:b96, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.taptobox.com.
TLS certificate: Issued by GTS CA 1P5 on September 30th 2023. Valid for: 3 months.

This is the only time www.taptobox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6812:a96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2606:4700::68... 2606:4700::6812:b96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3 12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8 15	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
82	11

1 2606:4700::6812:a96 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.taptobox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6812:b96 (United States)

ASN13335 (CLOUDFLARENET, US)

www.taptobox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Ulyanovsk, Russian Federation) 8 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	454 KB
23	taptobox.com 1 redirects www.taptobox.com	1 MB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	93 KB
10	yandex.com 5 redirects mc.yandex.com — Cisco Umbrella Rank: 7957	3 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	603 B
5	yandex.ru 3 redirects mc.yandex.ru — Cisco Umbrella Rank: 3539	71 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	177 KB
1	gstatic.com www.gstatic.com	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	2 KB
82	10

	Domain	Requested by
23	www.taptobox.com	1 redirects www.taptobox.com
18	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	www.taptobox.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
10	mc.yandex.com	5 redirects www.taptobox.com
6	www.googleadservices.com	www.taptobox.com
5	mc.yandex.ru	3 redirects www.taptobox.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.googletagservices.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
82	12

This site contains links to these domains. Also see Links.

Domain
play.google.com

Subject Issuer	Validity	Valid
taptobox.com GTS CA 1P5	`2023-09-30` - `2023-12-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.taptobox.com/
Frame ID: B43FDF51F324580852B11811E2705949
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html
Frame ID: 16869DDD9E00580E365B349FC89CED7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248666120992444&output=html&adk=1812271804&adf=3025194257&lmt=1697436663&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.taptobox.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697444531716&bpp=4&bdt=663&idt=381&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7541418543798&frm=20&pv=2&ga_vid=816182746.1697444532&ga_sid=1697444532&ga_hid=2091648592&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31078597%2C44805099%2C44805335&oid=2&pvsid=2963143419387992&tmod=662714453&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=404
Frame ID: C821F1D45B4FDCC2EEAE27352B47494F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5A268F6D15FFA9B842EFE4595C440E3B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: 059A51A24FC5555E043F940AE5D2F74E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Frame ID: BD6F349025A1FBAFAE693E9AAE2A47D2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E9AF0D356DB0EA98F45FBF571C0C8C6
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8746D67D06A5A457E8EB4BE78440097
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: E9B76F726596B77AD0DEE9497D8FBCD7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: C676D1AE9113C909F2E0EF1B5A33ADE8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js
Frame ID: FEE15E1003CFC81FD17E7D766F68379D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 10F2043E6EDF9D9C0DFA926C05A59228
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 11B7BE55F65508E66A4D49FBE9A44702
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TeleBox

Page URL History Show full URLs

http://www.taptobox.com/ HTTP 301
https://www.taptobox.com/ Page URL

Detected technologies

Ant Design (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

82
Requests

91 %
HTTPS

91 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

2011 kB
Transfer

5786 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.linkbox.plus.android&referrer=utm_source%3DOfficical%26utm_campaign%3Dgp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.taptobox.com/ HTTP 301
https://www.taptobox.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10158.Ln51Mn5a95FED3zdf5nci6LwPLWByUucGt1Cl7nfr67EvmU793F1pE4h8O-lNi9H.KcA283eTXd0HgmM_3oBxjWItSjY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10158.QU4zcEzPUgkjouPa4h3PXqtfdiVwznEGQuvkG2rhrQaZcIbSor67dmrf7NhtjHEgNxoFuctxx-HyIvbsU14tUXw4GNPNhhElrUAIozEDPmE%2C.WsqS0UcXFOiuQo4mtuZyvsyz5w4%2C

Request Chain 13

https://mc.yandex.com/watch/88583577?wmode=7&page-url=https%3A%2F%2Fwww.taptobox.com%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1424432733764%3Ahid%3A167662088%3Az%3A120%3Ai%3A20231016102212%3Aet%3A1697444532%3Ac%3A1%3Arn%3A1073013390%3Au%3A1697444532941284165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1697444530563%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697444533%3At%3ATeleBox&t=gdpr(14)clc(0-0-0)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.taptobox.com%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1424432733764%3Ahid%3A167662088%3Az%3A120%3Ai%3A20231016102212%3Aet%3A1697444532%3Ac%3A1%3Arn%3A1073013390%3Au%3A1697444532941284165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1697444530563%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697444533%3At%3ATeleBox&t=gdpr%2814%29clc%280-0-0%29aw%281%29ti%282%29&redirnss=1

Request Chain 14

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10158.Re4q-k9RJ4aIpqM4U6Ejj-HQi0QcRp-Kw5icZRHsVdxUhKhSAPUguRKyLkpxlyJ5.YCIUZTPKpSDlh9nA4MIdZginVgQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.nNd_2ec0qUPDVYTbrlhciQJ7hkqPCTFaFzlkjW-O24GFcutIH_ZfppvzZCWKCZKyaxBebXnMB_eHK_FP4CYeOXXpGWQ0x384eBh8Kt2Zu7o%2C.N9f8Rdl6KL60_zR3vZofS2AvkJ0%2C

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 48

https://googleads.g.doubleclick.net/pagead/adview?ai=CEm6EtPIsZYzXCrOwiM0PsJ6tuAffoujIc7zhp8y3EvGH-sHfCxABILidpZQBYJXCpoKwB6AB397a4wPIAQmpAt71OhnkobE-qAMByAPLBKoE1wFP0NG8_Yj_kJOs7IRa6OnC5DMADiVrfeV08UtA1ezZC_aNwPcyyEzx826K6ZCwRPyIyI8eB7_Qx3NOM7k9oKuZeMOar4JNGO6hZsmwWV2mw8CpkayQ5_EExCS909OhSaMyjJrMewH0cnNDcphMTAN0r3Edi_G8sX0ajxbcaTCQkXo3fz_5kf3mfHfpQu9hWq4LSgo9WBXZSxJNUUI1D4Gb-dSfpe7NBH94oMw-RxmHIPb1tNq-jY3CXp1naDZMYUee1Xr5JaDaITWfiz7hKieJVTRgxVaorMAErveRr84EiAX4kt32TKAGLoAHiaGlHKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENafGNIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCRpodHRwczovL3d3dy50ZXJyYWNhbmlzLmNvbYAKAcgLAdgTA4gUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjQ4NjY2MTIwOTkyNDQ0GAA&sigh=dlcfcPyz9q4&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNe05GzBQmZ88hrgMqNtV0hEAowTxBc3X9OI_2z87qDBwopm2I_P5m8oGAZW8ITYSXDdMZlTvyKt_RaW_R1Zq13oZgtyUdO8cYAQ&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212034851983632277139%22,%22debug_reporting%22:true,%22destination%22:%22https://terracanis.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221014411103%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216989139612164038337%22}&andc=true

Request Chain 49

https://googleads.g.doubleclick.net/pagead/adview?ai=CDCaztPIsZYvXCrOwiM0PsJ6tuAfC6KKvc86MobiUENrZHhABILidpZQBYJXCpoKwB6AB1KfI6gPIAQKoAwHIA8kEqgTdAU_QGaG4r3yhKCPQP0FaFGKPkhfNvWwU44QYL_h-2PqkRYC8W61GPnWYAf6cOJd-I6oWObGpx49STHD_sZmFRFtLvdX6dp32ALhDRQ_6KSNBjBdrxNFmRpClOEWzYmpy30soKawDKTElR88upX3RMHelSjYKj8A-JIc4XAlJpydVNdNroiCdhMFsfUMwMcefdrf_7UdTOpU2DmbRqOyB8xRkGuqPuPwS3TjhB0qg28FDaSrhQGCYWfkv3l5yZAgXy5EIMpJtRLW0DKGll4AHN7iITg5a2Jwz1N5xU04IwATisPzDtAKIBbCck7IfkgUECAQYAZIFBAgFGASgBgKAB5TYtxWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCWzSDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk3aHR0cHM6Ly93d3cuY2F0YWxlbnQuY29tL3JwLXNjaGVyZXItc29mdGdlbC10ZWNobm9sb2d5L4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04MjQ4NjY2MTIwOTkyNDQ0GAA&sigh=8tYPn5OLJfs&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNe05GzBQmZ88hrgMqNtV0hEAowTxBc3X9OI_2z87qDBwopm2I_P5m8oGAZW8ITYSXDdMZlTvyKt_RaW_R1Zq13oZgtyUdO8cYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222100202132270128200%22,%22debug_reporting%22:true,%22destination%22:%22https://catalent.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221028789204%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211907046266202484977%22}&andc=true

Request Chain 53

https://googleads.g.doubleclick.net/pagead/adview?ai=C8YgMtPIsZYrXCrOwiM0PsJ6tuAfC6KKvc86MobiUENrZHhABILidpZQBYJXCpoKwB6AB1KfI6gPIAQKoAwHIA8kEqgTdAU_Q35R0fCKc1cp8ExmSLHWN5_xGgz8mzNK6-BgDJivgXmhl9SnA_LvOZPWPSHYx99pEwB7zCjrIzNpdb86koEg5YcCQNUnVqGznrIqWGespun4mMxnc4-7q3hkrMATAEU6XTM8TiMHvJLesb8uMHoGAXGg9bX8CeXmyt6dAUuuSNIOjVaL4fpvYM5B4h3f_eh-fWPEQayNO3WuJt4-fGge6aiqOm89PrR5AgQFkidz8W6ITM1aunwhmmEkNlf4d_gZ6xQpZCeZUGnAOH1GDjYyEkSnnDQv3UkyZ6BQDwATisPzDtAKIBbCck7IfkgUECAQYAZIFBAgFGASgBgKAB5TYtxWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD01BPSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6mgk3aHR0cHM6Ly93d3cuY2F0YWxlbnQuY29tL3JwLXNjaGVyZXItc29mdGdlbC10ZWNobm9sb2d5L4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04MjQ4NjY2MTIwOTkyNDQ0GAA&sigh=xQYxaW6pcFc&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTADICaaNe05GzBQmZ88hrgMqNtV0hEAowTxBc3X9OI_2z87qDBwopm2I_P5m8oGAZW8ITYSXDdMZlTvyKt_RaW_R1Zq13oZgtyUdO8cYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211786864064344208562%22,%22debug_reporting%22:true,%22destination%22:%22https://catalent.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221028789204%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226158607586658853617%22}&andc=true

Request Chain 83

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10158.m0fY3GRtRZ9CZgrNijB2nos_s3iTt-_lPHxzFfvzUmeVkYeRF8hPnsdEvHCDpbCA.ibiFEsn0dWxpX0e_L-vOaPZZ5GM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10158.bUBbTRi2h6eJofevvJeBNxhpb1bpv3H8EO2cgY4WL0ofap7VW6ZrwGVros0q9h1DK5Oqce9x5qJT9MxFHnqoNhxx3mg77HTaWWatqClUQBU%2C.Zgh7_Z7m38x_KIT8VMdJHv3MrRc%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10158.1zSIZp4-XWc4Kcs-z6NHVY7Bk2WPh1p8jSaP7sOVkziTBQg83GEYcR2XKFWtI_uFI1rXGY1a3qXBD4Ukr-WxfQc-b-ZGSkY3Qe3zVpb0utuehRIqHVmOUZlkFfJuYNl2b9ITdnG3vYCJhMn03gdmP0N1ICGeyfvYfY82zocYdexRHT_DF-8baKOtaU13kGRmkJ0XlDvL4k8qIp1AxMD2vQ%2C%2C.yOSDRr9b5oBl6qfzOLm5wRJw4MY%2C

82 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.taptobox.com/
Redirect Chain

http://www.taptobox.com/
https://www.taptobox.com/

3 KB
1 KB

135ms
49ms

Document
text/html

2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 414a5017835420b63b0e8b88c430acf82320bf83322282f07d42d6dd05ca581c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 668
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 816ee47edfcc4d3a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 16 Oct 2023 08:22:11 GMT
expires: Mon, 16 Oct 2023 09:22:11 GMT
last-modified: Mon, 16 Oct 2023 08:11:03 GMT
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 816ee47dfdc83630-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 16 Oct 2023 08:22:10 GMT
Expires: Mon, 16 Oct 2023 09:22:10 GMT
Location: https://www.taptobox.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 performance-sdk.js Show response
www.taptobox.com/lib/ 12 KB
4 KB 411ms
410ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/lib/performance-sdk.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 175b28f718ff7884f1888724e41e572ce8dcfd4c92dea9e839e6fc88ee655689

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee47f38354d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:11 GMT

GET
H2 200 performance-init.js Show response
www.taptobox.com/lib/ 97 B
191 B 359ms
358ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/lib/performance-init.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a239e950d8a4031a97e60456b411224e739d457f0372d5e3555d0b7b99737d8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee47f38364d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:11 GMT

GET
H2 200 collection-log.js Show response
www.taptobox.com/lib/ 14 KB
5 KB 400ms
399ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/lib/collection-log.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a6a7c52a2a3ccf340a31c4d570fed3dd80861a5417e769d139ae02183bce06e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee47f38384d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 172ms
85ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248666120992444

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d91f74c858f64377d3773cb0f230e5f6bfe3bf2a96c864a42bfcab16484172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.taptobox.com/
Origin: https://www.taptobox.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51413
x-xss-protection: 0
server: cafe
etag: 12330807357072613105
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:22:11 GMT

GET
H3 200 main.4938bf19.js Show response
www.taptobox.com/static/js/ 2 MB
538 KB 1622ms
1622ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/js/main.4938bf19.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b8b981a4a238e49a5d452b7ea8c316b202ade61b2bed9bba75be778f72bc50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee481c9563684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:11 GMT

GET
H2 200 main.851c34a3.css
www.taptobox.com/static/css/ 652 KB
88 KB 751ms
750ms Stylesheet
text/css 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/css/main.851c34a3.css
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b58ba0eab72e9ba1b15bc09b6318479f18c7b2f0cef4952edacb246198f5e3ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee47f38344d3a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:11 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 393 KB
133 KB 198ms
118ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8248666120992444&plah=www.taptobox.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248666120992444

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

303348d0fbc86bab21a4c6b60c84e13a452faf5be8af124cddb46520f8c8a4d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136613
x-xss-protection: 0
server: cafe
etag: 12467543590393443843
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:22:11 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/ Frame 1686 10 KB
5 KB 126ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8248666120992444

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.taptobox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82330
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 09:30:01 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 09:30:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 311ms
152ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:28:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651fef42-11470"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 70768
expires: Mon, 16 Oct 2023 09:22:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
603 B 134ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.taptobox.com&callback=_gfp_s_&client=ca-pub-8248666120992444

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8248666120992444&plah=www.taptobox.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36777e72e1f6dffdfdff341f01b8a403c0899681ad084e58741d0247d552ef61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C821 425 KB
74 KB 635ms
634ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8248666120992444&output=html&adk=1812271804&adf=3025194257&lmt=1697436663&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fwww.taptobox.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1697444531716&bpp=4&bdt=663&idt=381&shv=r20231011&mjsv=m202310100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7541418543798&frm=20&pv=2&ga_vid=816182746.1697444532&ga_sid=1697444532&ga_hid=2091648592&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759837%2C31078597%2C44805099%2C44805335&oid=2&pvsid=2963143419387992&tmod=662714453&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=404

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eb5f8728931c27f638cc23d9ffb51aa39c74bd88a83a52879239137d83e117a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.taptobox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 75759
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:22:12 GMT
expires: Mon, 16 Oct 2023 08:22:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10158.Ln51Mn5a95FED3zdf5nci6LwPLWByUucGt1Cl7nfr67EvmU793F1pE4h8O-lNi9H.KcA283eTXd0HgmM_3oBxjWItSjY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10158.QU4zcEzPUgkjouPa4h3PXqtfdiVwznEGQuvkG2rhrQaZcIbSor67dmrf7NhtjHEgNxoFuctxx-HyIvbsU14tUXw4GNPNhhElrUAIozEDPmE%2C.WsqS0UcXFOiuQo4mtuZyvsyz5w4%2C

43 B
67 B

84ms
84ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10158.QU4zcEzPUgkjouPa4h3PXqtfdiVwznEGQuvkG2rhrQaZcIbSor67dmrf7NhtjHEgNxoFuctxx-HyIvbsU14tUXw4GNPNhhElrUAIozEDPmE%2C.WsqS0UcXFOiuQo4mtuZyvsyz5w4%2C

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:12 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10158.QU4zcEzPUgkjouPa4h3PXqtfdiVwznEGQuvkG2rhrQaZcIbSor67dmrf7NhtjHEgNxoFuctxx-HyIvbsU14tUXw4GNPNhhElrUAIozEDPmE%2C.WsqS0UcXFOiuQo4mtuZyvsyz5w4%2C
date: Mon, 16 Oct 2023 08:22:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 80ms
78ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:12 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 06 Oct 2023 14:26:04 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "651feecc-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 16 Oct 2023 09:22:12 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/88583577/
Redirect Chain

https://mc.yandex.com/watch/88583577?wmode=7&page-url=https%3A%2F%2Fwww.taptobox.com%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.taptobox.com%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf...

435 B
545 B

83ms
83ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.taptobox.com%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1424432733764%3Ahid%3A167662088%3Az%3A120%3Ai%3A20231016102212%3Aet%3A1697444532%3Ac%3A1%3Arn%3A1073013390%3Au%3A1697444532941284165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1697444530563%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697444533%3At%3ATeleBox&t=gdpr%2814%29clc%280-0-0%29aw%281%29ti%282%29&redirnss=1

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

95a200082c5836971b030c9732941ec5ab97b3986fc8909c4a0ec8338f9b9061

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 08:22:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 16-Oct-2023 08:22:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.taptobox.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 16-Oct-2023 08:22:12 GMT

Redirect headers

pragma: no-cache
date: Mon, 16 Oct 2023 08:22:12 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16-Oct-2023 08:22:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/88583577/1?wmode=7&page-url=https%3A%2F%2Fwww.taptobox.com%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A0%3Als%3A1424432733764%3Ahid%3A167662088%3Az%3A120%3Ai%3A20231016102212%3Aet%3A1697444532%3Ac%3A1%3Arn%3A1073013390%3Au%3A1697444532941284165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1697444530563%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697444533%3At%3ATeleBox&t=gdpr%2814%29clc%280-0-0%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin: https://www.taptobox.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 16-Oct-2023 08:22:12 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10158.Re4q-k9RJ4aIpqM4U6Ejj-HQi0QcRp-Kw5icZRHsVdxUhKhSAPUguRKyLkpxlyJ5.YCIUZTPKpSDlh9nA4MIdZginVgQ%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.nNd_2ec0qUPDVYTbrlhciQJ7hkqPCTFaFzlkjW-O24GFcutIH_ZfppvzZCWKCZKyaxBebXnMB_eHK_FP4CYeOXXpGWQ0x384eBh8Kt2Zu7o%2C.N9f8Rdl6KL60_zR3v...

43 B
67 B

83ms
82ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.nNd_2ec0qUPDVYTbrlhciQJ7hkqPCTFaFzlkjW-O24GFcutIH_ZfppvzZCWKCZKyaxBebXnMB_eHK_FP4CYeOXXpGWQ0x384eBh8Kt2Zu7o%2C.N9f8Rdl6KL60_zR3vZofS2AvkJ0%2C

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:12 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10158.nNd_2ec0qUPDVYTbrlhciQJ7hkqPCTFaFzlkjW-O24GFcutIH_ZfppvzZCWKCZKyaxBebXnMB_eHK_FP4CYeOXXpGWQ0x384eBh8Kt2Zu7o%2C.N9f8Rdl6KL60_zR3vZofS2AvkJ0%2C
date: Mon, 16 Oct 2023 08:22:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/ 157 KB
53 KB 141ms
140ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310100101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3cdcb70645913df3dfa5e7041695366e7d1aab3fa8fef1aa3ef7c8a4c9174d4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54682
x-xss-protection: 0
server: cafe
etag: 12864122922417166143
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:22:12 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 5A26 10 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.taptobox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 10:58:41 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 10:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame 059A 10 KB
4 KB 41ms
41ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.taptobox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 10:58:41 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 10:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/ Frame BD6F 10 KB
4 KB 41ms
40ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.taptobox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77012
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 15 Oct 2023 10:58:41 GMT
etag: 2603938475786422795
expires: Sun, 29 Oct 2023 10:58:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 5A26 23 KB
9 KB 254ms
148ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E9A 143 B
166 B 66ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5A26 3 KB
1 KB 196ms
94ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5A26 20 KB
9 KB 146ms
44ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 200 4503461031206246870
tpc.googlesyndication.com/simgad/ Frame 5A26 13 KB
13 KB 237ms
135ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4503461031206246870?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmuMWglCJprcqFaiYak8PLhNWLBew

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cbd2307a888eca5a567917d9b58cd8e99ad57c51221f2c9be8780fd7756998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 04:51:12 GMT
x-content-type-options: nosniff
age: 99061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Thu, 02 Jan 2020 01:27:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Oct 2024 04:51:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A26 187 KB
59 KB 268ms
125ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:22:13 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 5A26 36 KB
15 KB 218ms
116ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 10:47:16 GMT

GET
H2 200 4503461031206246870
tpc.googlesyndication.com/simgad/ Frame 059A 13 KB
13 KB 217ms
144ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4503461031206246870?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmuMWglCJprcqFaiYak8PLhNWLBew

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cbd2307a888eca5a567917d9b58cd8e99ad57c51221f2c9be8780fd7756998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 04:51:12 GMT
x-content-type-options: nosniff
age: 99061
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13639
x-xss-protection: 0
last-modified: Thu, 02 Jan 2020 01:27:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 14 Oct 2024 04:51:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 059A 23 KB
9 KB 165ms
93ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E874 143 B
166 B 40ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 835
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:08:18 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 059A 3 KB
1 KB 213ms
144ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 059A 20 KB
8 KB 160ms
91ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 059A 187 KB
59 KB 169ms
61ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:22:13 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 059A 36 KB
15 KB 225ms
158ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 10:47:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77697
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14932
x-xss-protection: 0
server: cafe
etag: 14442377342001293717
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 10:47:16 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BD6F 14 KB
2 KB 152ms
53ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 16 Oct 2023 08:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 16 Oct 2023 07:43:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 16 Oct 2023 08:22:13 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BD6F 2 KB
973 B 227ms
176ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:38:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:38:14 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame BD6F 23 KB
9 KB 203ms
154ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:36:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67526
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:36:47 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BD6F 3 KB
1 KB 217ms
169ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 17:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54029
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 17:21:44 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame BD6F 20 KB
8 KB 141ms
92ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Sun, 15 Oct 2023 13:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67713
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 29 Oct 2023 13:33:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BD6F 187 KB
59 KB 228ms
141ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60003
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1697024009209687"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 16 Oct 2023 08:22:13 GMT

GET
H2 200 ccbada329de78be299cbea1a52c9a584.js Show response
www.gstatic.com/mysidia/ Frame BD6F 35 KB
15 KB 152ms
41ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ccbada329de78be299cbea1a52c9a584.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 21:16:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14787
x-xss-protection: 0
last-modified: Mon, 09 Oct 2023 21:02:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 07 Jan 2024 21:16:14 GMT

GET
H2 200 13320557828428593358
tpc.googlesyndication.com/simgad/ Frame BD6F 22 KB
22 KB 141ms
96ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13320557828428593358?w=400&h=209&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5089f7cf802f47dfb432c3a8cbe578b45780241e7acb982cb6034b38a407b881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 06:58:19 GMT
x-content-type-options: nosniff
age: 5034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22364
x-xss-protection: 0
last-modified: Fri, 13 Oct 2023 10:15:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 15 Oct 2024 06:58:19 GMT

GET
DATA 200
OK truncated
/ Frame BD6F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8624d08aebefc2a58d269c5b26d90d665f39328bca6528034c40d59e598a98c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame BD6F 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0E9A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

56ms
55ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:22:13 GMT
expires: Mon, 16 Oct 2023 08:22:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:22:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E874
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
59ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:22:13 GMT
expires: Mon, 16 Oct 2023 08:22:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:22:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BD6F 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9eb19cd52554e001a7042ff52656614053acd91de492d83b64191ff87f28572

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 059A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4433eb8e3ba6dea8c79d862507fa1b27157c9821da83b5ac777fecc1a6127d8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame E9B7 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 383119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BD6F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CEm6EtPIsZYzXCrOwiM0PsJ6tuAffoujIc7zhp8y3EvGH-sHfCxABILidpZQBYJXCpoKwB6AB397a4wPIAQmpAt71OhnkobE-qAMByAPLBKoE1wFP0NG8_Yj_kJOs7IRa6OnC5DMADiVrfeV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212034851983632277139%22,%22debug_reporting%22:true,%22destination%22:%22https://terracanis.com%22,%22event_report_window%2...

0
0

155ms
74ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212034851983632277139%22,%22debug_reporting%22:true,%22destination%22:%22https://terracanis.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221014411103%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216989139612164038337%22}&andc=true

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12034851983632277139","debug_reporting":true,"destination":"https://terracanis.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1014411103"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"16989139612164038337"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 08:22:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 08:22:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12034851983632277139","debug_reporting":true,"destination":"https://terracanis.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1014411103"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"16989139612164038337"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 059A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CDCaztPIsZYvXCrOwiM0PsJ6tuAfC6KKvc86MobiUENrZHhABILidpZQBYJXCpoKwB6AB1KfI6gPIAQKoAwHIA8kEqgTdAU_QGaG4r3yhKCPQP0FaFGKPkhfNvWwU44QYL_h-2PqkRYC8W61...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222100202132270128200%22,%22debug_reporting%22:true,%22destination%22:%22https://catalent.com%22,%22event_report_window%22:%...

0
0

154ms
73ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222100202132270128200%22,%22debug_reporting%22:true,%22destination%22:%22https://catalent.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221028789204%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211907046266202484977%22}&andc=true

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2100202132270128200","debug_reporting":true,"destination":"https://catalent.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1028789204"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"11907046266202484977"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 08:22:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 08:22:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2100202132270128200","debug_reporting":true,"destination":"https://catalent.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1028789204"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"11907046266202484977"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5A26 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cd7e56cf64f43fe258d51287d8d3a66aa801216ca120e1b0f8d3d7c76765dca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame C676 38 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 383119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:54 GMT

GET
H3 200 zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js Show response
pagead2.googlesyndication.com/bg/ Frame FEE1 38 KB
14 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zvtDWUGYKMqjl3EmEyJPT9PZ9nqaRLgbjIcpa6W6ga4.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 21:56:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 383119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14821
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Oct 2024 21:56:54 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5A26
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C8YgMtPIsZYrXCrOwiM0PsJ6tuAfC6KKvc86MobiUENrZHhABILidpZQBYJXCpoKwB6AB1KfI6gPIAQKoAwHIA8kEqgTdAU_Q35R0fCKc1cp8ExmSLHWN5_xGgz8mzNK6-BgDJivgXmhl9Sn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211786864064344208562%22,%22debug_reporting%22:true,%22destination%22:%22https://catalent.com%22,%22event_report_window%22:...

0
0

154ms
72ms

Fetch
text/css

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211786864064344208562%22,%22debug_reporting%22:true,%22destination%22:%22https://catalent.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221028789204%22],%224%22:[%2210-16%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226158607586658853617%22}&andc=true

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:13 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11786864064344208562","debug_reporting":true,"destination":"https://catalent.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1028789204"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"6158607586658853617"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 16 Oct 2023 08:22:13 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 16 Oct 2023 08:22:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11786864064344208562","debug_reporting":true,"destination":"https://catalent.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1028789204"],"4":["10-16"],"6":["true"]},"priority":"500","source_event_id":"6158607586658853617"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 177ms
73ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 16 Oct 2023 08:22:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 177ms
74ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 16 Oct 2023 08:22:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 176ms
73ms Preflight
text/html 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 16 Oct 2023 08:22:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BD6F 42 B
174 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu40A5Nt_uPTSsInOn1RqG1MmmR5Zuip_VBjJ7DNMU13RxOIJmwmZhYsS2qN6f09TPwyT5jeLMgIg_SuuNx12h0tHrkHRVKQvGwJ3PdRndiWQRHs788h3cuHKudDLLNb_4S6vlB53oJ7U7MN17WZO5zw8kaCXlcIAubFKdvuDCLB4xxYxrn2WGkjTWabxM165CgB77TPuqXpSPJImQ3Garp-UDRJWH2MC9--kYGOg8a8J66d7qKYiLmRxJo89ykp2VPGWoUVzp_7R6Ddc8icwctajFiFgOYO0zKbsUUTKL6f_I3xV4-LjjKYnY0XxFgDaycSE9XQjLZJsgg5T6E9pVeAeswvXwhJfLfg9QmSd0Kp0zg5BvbV1--dfNFUKd6jw7qH009w5QQSRFaTzNnH4VevuGCIXTVaSwcCZ7K6tkn5OJ1D8izt1786d6smHwpECPSR_06Qyi_URnDdAlxIXpbIapbT8kZrfO805smr-pbxUsgCDXZABoxE6nsDrf0zxEN1RqU-GEJf0EQrb_BtkrQDAjqfqzoczwN1tk07OOl0cv1TkkAs2JwBQvj7vxdE9w8kSg5oKsrsldHQ3P794veU8nCWSkNhKabrWIGtz7cHQzsTWla5aEp1Q7SizhLRaJ1_rYSuLHdII5y1_aUEOlQxRvJ9JGBc7Ql2W3hyhrBR7FKEkzFsLXk9kxbkM-vurPm0PleKE2nFVNy56FF9DEr5ijc1X8I4vJGYEI0esbkWQKx7VImJxPD0MWEMuHI_1ZLuSuLBVNFcgQIN6fbnSXffqKSEmWnbBo9w5UGWpB7MuCdJNDvmYkiaTMKaUx6hilo_BJhYFXROd_11D0fbjyKGWdBTrxIYrSwp0ejqyMGQWr9JqnREhHgHXw6So57jZPw5cuxq7dHx47KU35ta7Fd7505vit--QI7xXRUgy6ZKmuOaW8o39tPE9bUJrGO50Peu5M6bbxHHL2V9ohgaMYs9WjOJFb2fq6nGqWZiyy0gXFhnka8Jzfl94rUDLHaFklsWhL50xthug63Ourfx--HggMJmd9XAbzOjX5pJOMbiLhoOyLXhH94dIK491Z-sNaTg8aH1kN4&sai=AMfl-YSalfcxa6C3WyARs2NP6gGYVf_xOgm4te-voJhvH8yBvU6tcgzEVS0nX1z2IOpNHfSxjahYlRr6E3Nze4u9djXYyeSu5zzP_V4qNIl7J1eP_0KVonsbEBorFDDSJmBdnkqjsYm5IXWqHRIbENlN5nWD1-hpIabmmTU&sig=Cg0ArKJSzFGBzoYQDj0HEAE&cid=CAQSTADICaaNe05GzBQmZ88hrgMqNtV0hEAowTxBc3X9OI_2z87qDBwopm2I_P5m8oGAZW8ITYSXDdMZlTvyKt_RaW_R1Zq13oZgtyUdO8cYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=209,849,1000,1000,1000&tos=209,640,151,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697444533027&rpt=500&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 08:22:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 059A 42 B
108 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTXjv_ZUjXzntwGA-Ml7CK5j2lTwIyfIiyHHO57Ce9T86jecpVjXrX2PYCz0EXxLRnGbreEfnbgXOX-dwN144RwJfFCb2sk5JR5rZZz4gWYJobiKD6QfZ5TzOFdqz0uyJ75ZsHt9oyTerW&sai=AMfl-YQ64BuaKT8Ag83WDb-YXwP0RGy1Koa1AfKuJnLUhbRIjJ-STFzDu4EyZONhZOVjAyGE8DnrmDrou05IXcenQ1iaRYlEBgXInTorrul188FElKePW14mjDE-DemOeY2GdpzZQ-KZQNwZJ2eHMg&sig=Cg0ArKJSzGYBR2rw89rFEAE&cid=CAQSTADICaaNe05GzBQmZ88hrgMqNtV0hEAowTxBc3X9OI_2z87qDBwopm2I_P5m8oGAZW8ITYSXDdMZlTvyKt_RaW_R1Zq13oZgtyUdO8cYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697444533024&rpt=381&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 08:22:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5A26 42 B
108 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFgOLD-Ll60oZkNq2AJOKbXcDLwedY6VsjnvKCS_GDIxOCOp435P1gpUWRBwjlGXC6zgkswiCUyRvTgyPJQ604jjLVNSdzGUd1MTb4oxZzWW-alp4lNAWr4rUUnwxboWCJoQNN0uh0VPaN&sai=AMfl-YSOQNW4e3D2Yyx5WxiFsRqaN86PPIuZ0s4TJmoqBOtMEiFEEUc3w0yO5EPK-lcXy1qvUfWmwIazbwDwnE8N8iVMOtH1ZTKoqSEwC6lD9gSQXKl5uq2ilPUPhXA6fK1GtvT7DNHuCk-_5bkbnQ&sig=Cg0ArKJSzMAyTVzqdpYZEAE&cid=CAQSTADICaaNe05GzBQmZ88hrgMqNtV0hEAowTxBc3X9OI_2z87qDBwopm2I_P5m8oGAZW8ITYSXDdMZlTvyKt_RaW_R1Zq13oZgtyUdO8cYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231011&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1697444533021&rpt=466&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 08:22:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1220.b3cd2300.chunk.js Show response
www.taptobox.com/static/js/ 58 KB
18 KB 565ms
564ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/js/1220.b3cd2300.chunk.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dedaaf36fcc069f97351032cd7d04ef07a5a117e1af8f74dd5e36d21d02a15fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f2a3684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:16 GMT

GET
H3 200 4763.82f25004.chunk.js Show response
www.taptobox.com/static/js/ 33 KB
25 KB 572ms
570ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/js/4763.82f25004.chunk.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5276ce765b43635355a6f015488309ce0f6ecebea882b8b9c7f894ae3587a2e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f303684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:16 GMT

GET
H3 200 4158.ef917c72.chunk.js Show response
www.taptobox.com/static/js/ 168 KB
112 KB 1430ms
1429ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/js/4158.ef917c72.chunk.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656a87350bed0a276e388d71efed78fdd15b8dd630183d87e480a7e2cec0522e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f343684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:16 GMT

GET
H3 200 9406.1b140539.chunk.css
www.taptobox.com/static/css/ 25 KB
4 KB 377ms
376ms Stylesheet
text/css 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/css/9406.1b140539.chunk.css
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8b76cdbd5c450aaeb5021871a253873092e8eadb245e18b65273174dcaabfce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f353684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:16 GMT

GET
H3 200 9406.26afd840.chunk.js Show response
www.taptobox.com/static/js/ 35 KB
18 KB 379ms
378ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/js/9406.26afd840.chunk.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2e4a3b4a7ecff1074eeba038bb34343bc07d1adac4244b99d0a44b1e93c4d2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f373684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:15 GMT

GET
H3 200 9284.317ba076.chunk.js Show response
www.taptobox.com/static/js/ 28 KB
21 KB 570ms
569ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/js/9284.317ba076.chunk.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d4234a564c1c16938d2e6245e65c2763069b3c490e7bbab4b5fe8d3170b3f65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f3b3684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:16 GMT

GET
H3 200 6407.618f6871.chunk.css
www.taptobox.com/static/css/ 27 KB
11 KB 401ms
400ms Stylesheet
text/css 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/css/6407.618f6871.chunk.css
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e86f944f6d1727d45c38428ad057fd54f77c4fd18f2b75278e7d59273c8a79cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f3d3684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:16 GMT

GET
H3 200 6407.d45197e5.chunk.js Show response
www.taptobox.com/static/js/ 45 KB
27 KB 524ms
523ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/static/js/6407.d45197e5.chunk.js
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/static/js/main.4938bf19.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b06c157528224f221ae0bb21ba09c841eeb5d045c43e2bb6397ff53e57aa3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
cf-ray: 816ee49c0f3e3684-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 16 Oct 2023 09:22:16 GMT

GET
H3 200 info Show response
www.taptobox.com/api/user/ 40 B
173 B 367ms
367ms Fetch
application/json 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/api/user/info?token=null
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8cd5d44ff898a4b1c2af1d9ad23acaa88356265a25e1420b0fc6786995cfa8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 816ee49c3f793684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 40
content-type: application/json; charset=utf-8

GET
H3 200 get-country Show response
www.taptobox.com/api/ 27 B
160 B 204ms
204ms Fetch
application/json 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/api/get-country
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5405d087f0e134349eef8db3be7a1a3f27eab65bbd0e3e3d5d41f72cff7110aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:16 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 816ee49e8a223684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 27
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffb7bfb84afcc682549e04af5054b939857c41ff32f58cde2832d95f3a0a7935

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21240fb81d6d995dd3024f6bdf399c6d35c85edd9b730a77d531036ad0cd739

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 en-pc.ce44de94a22312d06bfa.png
www.taptobox.com/static/media/ 138 KB
138 KB 737ms
736ms Image
image/png 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.taptobox.com/static/media/en-pc.ce44de94a22312d06bfa.png
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38cbf50e3a1eec659a5287bcb47e8db8a2a80f784496aa2494ee933f1661d185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:18 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 816ee4a63aae3684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 141193
expires: Mon, 16 Oct 2023 09:22:17 GMT

GET
H3 200 bg-pc-2.363bed208799c372415d.png
www.taptobox.com/static/media/ 84 KB
84 KB 514ms
513ms Image
image/png 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.taptobox.com/static/media/bg-pc-2.363bed208799c372415d.png
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f9e47f2b9ee04a1710d0b2d2fbc266162ad47135f730440a5821ce8e40fab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:17 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 816ee4a63aaf3684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 85667
expires: Mon, 16 Oct 2023 09:22:17 GMT

GET
H3 200 pic-pc-1.249057dd40e56ccd3948.png
www.taptobox.com/static/media/ 36 KB
36 KB 739ms
738ms Image
image/png 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.taptobox.com/static/media/pic-pc-1.249057dd40e56ccd3948.png
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3bb23881ec6ff46c9df6f2ab3d597c7f1b96a01de413481f737b203efc98a90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:18 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 816ee4a63ab03684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37014
expires: Mon, 16 Oct 2023 09:22:17 GMT

GET
H3 200 pic-pc-2.4c787a7849ca7a39a7dc.png
www.taptobox.com/static/media/ 31 KB
31 KB 514ms
513ms Image
image/png 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.taptobox.com/static/media/pic-pc-2.4c787a7849ca7a39a7dc.png
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da8503d5ed322531bfa3dddb117d87233145af1c8961aa3e39a32ead3d69c419

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:17 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:44 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 816ee4a63ab13684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 31613
expires: Mon, 16 Oct 2023 09:22:17 GMT

GET
H3 200 pic-pc-4.49b952bc4a30e9723d41.png
www.taptobox.com/static/media/ 34 KB
35 KB 734ms
734ms Image
image/png 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.taptobox.com/static/media/pic-pc-4.49b952bc4a30e9723d41.png
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0db77254dade537228f98e00df62833936d2879ad917b7f6b76c0f59cc7e9e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:18 GMT
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 09:52:45 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
accept-ranges: bytes
cf-ray: 816ee4a63ab33684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35286
expires: Mon, 16 Oct 2023 09:22:17 GMT

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93236cdc468127565a6e950d2311bdc9ddae0ce7d9fba547f9496e7c976ae6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c5216d8a41cd8c0b0ffd2c02e66329e2c14bf946e33abc4483a137215adef59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 316871a0d339f8dcc554ea7fbdda4f5be679362e9ddeea9454f427cac5c69ad6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d75e5502fdaa229764faa1a46d664449b136c2a1337998128d80aca7194120d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1b93258acbb3cb163301dce5fe9576d8143704a46f3acc206cb5dda5ab52fea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1760e4811565b6ecf850b4aa9f0d8e73b297c53052e171031f591b5a65d079c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10158.m0fY3GRtRZ9CZgrNijB2nos_s3iTt-_lPHxzFfvzUmeVkYeRF8hPnsdEvHCDpbCA.ibiFEsn0dWxpX0e_L-vOaPZZ5GM%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10158.bUBbTRi2h6eJofevvJeBNxhpb1bpv3H8EO2cgY4WL0ofap7VW6ZrwGVros0q9h1DK5Oqce9x5qJT9MxFHnqoNhxx3mg77HTaWWatqClUQBU%2C.Zgh7_Z7m38x_KIT8VMdJHv3MrRc%2C
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10158.1zSIZp4-XWc4Kcs-z6NHVY7Bk2WPh1p8jSaP7sOVkziTBQg83GEYcR2XKFWtI_uFI1rXGY1a3qXBD4Ukr-WxfQc-b-ZGSkY3Qe3zVpb0utueh...

43 B
404 B

78ms
78ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10158.1zSIZp4-XWc4Kcs-z6NHVY7Bk2WPh1p8jSaP7sOVkziTBQg83GEYcR2XKFWtI_uFI1rXGY1a3qXBD4Ukr-WxfQc-b-ZGSkY3Qe3zVpb0utuehRIqHVmOUZlkFfJuYNl2b9ITdnG3vYCJhMn03gdmP0N1ICGeyfvYfY82zocYdexRHT_DF-8baKOtaU13kGRmkJ0XlDvL4k8qIp1AxMD2vQ%2C%2C.yOSDRr9b5oBl6qfzOLm5wRJw4MY%2C

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/

Protocol

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:17 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10158.1zSIZp4-XWc4Kcs-z6NHVY7Bk2WPh1p8jSaP7sOVkziTBQg83GEYcR2XKFWtI_uFI1rXGY1a3qXBD4Ukr-WxfQc-b-ZGSkY3Qe3zVpb0utuehRIqHVmOUZlkFfJuYNl2b9ITdnG3vYCJhMn03gdmP0N1ICGeyfvYfY82zocYdexRHT_DF-8baKOtaU13kGRmkJ0XlDvL4k8qIp1AxMD2vQ%2C%2C.yOSDRr9b5oBl6qfzOLm5wRJw4MY%2C
date: Mon, 16 Oct 2023 08:22:17 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 88583577 Show response
mc.yandex.com/watch/ 43 B
381 B 79ms
79ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/88583577?page-url=https%3A%2F%2Fwww.taptobox.com%2F&charset=utf-8&hittoken=1697444532_a24af43405be186c5f347cee85ed0dac5cb3037ad9c39e7309c6ad02545533b5&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A2489%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1135%3Acn%3A1%3Adp%3A1%3Als%3A1424432733764%3Ahid%3A167662088%3Az%3A120%3Ai%3A20231016102217%3Aet%3A1697444537%3Ac%3A1%3Arn%3A110149703%3Arqn%3A1%3Au%3A1697444532941284165%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C84%2C50%2C1%2C353%2C0%2C%2C827%2C0%2C%2C%2C%2C5112%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1697444530563%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1697444538%3At%3ATeleBox&t=gdpr(14)clc(0-0-0)rqnt(1)lt(8200)aw(1)ti(2)

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/lib/performance-sdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Ulyanovsk, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 16 Oct 2023 08:22:17 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 16-Oct-2023 08:22:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://www.taptobox.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 16-Oct-2023 08:22:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 88ms
88ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231011&st=env

Requested by

Host: www.taptobox.com
URL: https://www.taptobox.com/lib/performance-sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0b174f7ec310b7857cbc9cbb707660407cd053c36943b048717812ae7717d3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12116
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 16 Oct 2023 08:22:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 10F2 13 KB
5 KB 42ms
39ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.taptobox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1023
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:05:16 GMT
expires: Tue, 15 Oct 2024 08:05:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 11B7 829 B
999 B 53ms
51ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ed7041e0ac3859ced5f51a2128d4f7b4b5b7245a5b7c1775ded35669553e574

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VM0TYv7YkrfIhMUwuQ10UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.taptobox.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VM0TYv7YkrfIhMUwuQ10UQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 16 Oct 2023 08:22:19 GMT
expires: Mon, 16 Oct 2023 08:22:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 200 performance Show response
www.taptobox.com/api/ 11 B
144 B 204ms
204ms Fetch
application/json 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.taptobox.com/api/performance
Requested by: Host: www.taptobox.com
URL: https://www.taptobox.com/lib/performance-sdk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a491a7b7a24b52ae6dd7dbcb4ac13b6f5f6ff714d69c021c269b065a6a2e1f3e

Request headers

Referer: https://www.taptobox.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 16 Oct 2023 08:22:19 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 816ee4b338fb3684-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11
content-type: application/json; charset=utf-8

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame 10F2 37 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:01:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 15 Oct 2024 08:01:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 11B7 0
0 72ms
72ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231011&jk=2963143419387992&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 10F2 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mIdMzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:22:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 79ms
77ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231011&jk=2963143419387992&bg=!EhGlEV7NAAbFpEfJ5aQ7ADQBe5WfOC_H7ttvStLW2sRNhM5CmuAjrh_q4m28C_SuaSt9gckfR6oBArOcnuFf57KvX81DAgAAAJZSAAAAC2gBB5kC7xmfR5koEuwyh-3zQb9hiJgpIcP2TvNvQM1BImHM6EIheIRVYZugBcj9v9xeCnYuyXoz9zA2P5F2tOflJX8JEjceH6YF-Cp5lxVaR5jTVJpZo2STp9K1ieVQ6ZqwBS59cZH0tCqnmIztGEKhbwAQ9NuMf8nnhHDnUojUFJ_XUjE8WUL4gZr6GBshSwjAxShbhpfokGb5FbBAzW-rNfWCDlgCdKXQCSqsUAtvg-EETmlRxRb6aJ834mSPmh2zfo0EUGzeJABOCpqj9nn6D1iecVfsInsDqVfz3WK9uFn4dlsqbI_DEFfrDejtNJPUlT0-ynbA4mHnGZdU7CY3IZLcw8AhikQssuqelhtYhKfQxNV6Fyw_uYemzTiMUcg_DCKTn3tZv_4A6hItDOBtUuBges-4oPGyJFa626gpc9MZZQhmLghoLQEWzEydrRlk-gGqFlr8P0XMH4pez86HwQ28nMOBEzUZYVKjrGsHIIV_7479DIBwBkn3Tz4KwO7UHv1REsa56N4PTCt5cvxS-UDsDNWrVL2LSxRK8BlsNCybt5ljtAZqC7Xz6-jlKl9ixRLFI61gibpxXjYQIbwMcFl_9CAY4QpoQiGP74wq5MWU-_VuKK7DiL4oINnLs4hZ1Oap6FmV3y-uML4VzCFG_qSX9at5gQ6YKb_F4XcKkIxR_z2ucI1lGWdsJXYxN9hSc_VXj-VOOL2m4MmOlnsa56ZHgAhujrL5MmYbDkPhl5kYwi_GbQNXucDR27FhieXpR3ueD_3c_migHPMhZJ9MhgYmpbuK79w6N3uzyOgzbZ9ua2hMcGYYqIyXFN_-HkdLQIkT1DgdKMktUqAdhPFx9WgbSWsRFaPYpzZby-wF4-X9Mjk-Ie2wP_d1Np0rgVGgQCtALkvpId7XKM0nxebyssKHxC-N6yG6rLha2ny3rZi_d9PSBoRP57y0CkWhHdjTV1pbmoqPjY5YxIYsQUQaqFrFMFvxCxnq3ksZe7S7w5FoBgc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.taptobox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.taptobox.com/	1970-01-20 15:40:49	Name: uid Value: d879cdf-e8ba4f1c-ae178f54-a0481e18%3D1697444531469
.taptobox.com/	1970-01-21 00:16:20	Name: _ym_uid Value: 1697444532941284165
.taptobox.com/	1970-01-21 00:16:20	Name: _ym_d Value: 1697444532
.taptobox.com/	1970-01-20 15:31:56	Name: _ym_isad Value: 2
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2407426531697444532
.yandex.com/	1970-01-21 01:06:44	Name: i Value: gY00Clxo1IQc9sVVqeJ1XkN2I3WQdPtA8Z+NX8dkKSkpTl5GR+vBaTmiehLYNnEKhQ21I1CaoVFeZKN1H1+51fqPxZU=
.yandex.com/	1970-01-21 01:06:44	Name: yandexuid Value: 3144852551697444532
.yandex.com/	1970-01-21 00:16:20	Name: yuidss Value: 3144852551697444532
.yandex.com/	1970-01-21 00:16:20	Name: ymex Value: 1728980532.yrts.1697444532#1728980532.yrtsi.1697444532
.yandex.com/	1970-01-21 00:16:20	Name: bh Value: KgI/MA==
.taptobox.com/	1970-01-21 00:52:20	Name: __gads Value: ID=f721fe4a561c4dea:T=1697444532:RT=1697444532:S=ALNI_MYHd7A2c_rfPPmd-n9olWmT4A3csQ
.taptobox.com/	1970-01-21 00:52:20	Name: __gpi Value: UID=00000c99fcf8020f:T=1697444532:RT=1697444532:S=ALNI_Mb4ydR-4pMRtYd3KMKih7ok1NgTUw
.doubleclick.net/	1970-01-20 15:30:48	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:52:20	Name: IDE Value: AHWqTUkoY8OvTb5lOlaGJTnJqnd6ExWSpVLfNuXNo048Da9cvEIx6fOUCR2-W7YBw2I
.googleadservices.com/	1970-01-20 17:40:20	Name: ar_debug Value: 1
.mc.yandex.com/	1970-01-20 15:30:45	Name: sync_cookie_csrf Value: 4046256077fake
.mc.yandex.ru/	1970-01-20 15:30:45	Name: sync_cookie_csrf Value: 2829736783fake
.mc.yandex.com/	1970-01-20 15:32:10	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 01:06:44	Name: yandexuid Value: 3144852551697444532
.yandex.ru/	1970-01-21 01:06:44	Name: yuidss Value: 3144852551697444532
.yandex.ru/	1970-01-21 01:06:44	Name: i Value: gY00Clxo1IQc9sVVqeJ1XkN2I3WQdPtA8Z+NX8dkKSkpTl5GR+vBaTmiehLYNnEKhQ21I1CaoVFeZKN1H1+51fqPxZU=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20231011/r20110914/zrt_lookup.html?fsb=1#RS-3-&adk=1812271801&client=ca-pub-8248666120992444&fa=1&ifi=4&uci=a!4&btvi=1&xpc=gBYcYaWAFR&p=https%3A//www.taptobox.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.taptobox.com
172.217.18.98
2606:4700::6812:a96
2606:4700::6812:b96
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a02:6b8::1:119
003fffcd4e614a4719da6f886bd221851da79915061393b248af55fe0ddf9476
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0c5216d8a41cd8c0b0ffd2c02e66329e2c14bf946e33abc4483a137215adef59
175b28f718ff7884f1888724e41e572ce8dcfd4c92dea9e839e6fc88ee655689
17b8b981a4a238e49a5d452b7ea8c316b202ade61b2bed9bba75be778f72bc50
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ed7041e0ac3859ced5f51a2128d4f7b4b5b7245a5b7c1775ded35669553e574
2eb5f8728931c27f638cc23d9ffb51aa39c74bd88a83a52879239137d83e117a
303348d0fbc86bab21a4c6b60c84e13a452faf5be8af124cddb46520f8c8a4d1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316871a0d339f8dcc554ea7fbdda4f5be679362e9ddeea9454f427cac5c69ad6
36777e72e1f6dffdfdff341f01b8a403c0899681ad084e58741d0247d552ef61
38cbf50e3a1eec659a5287bcb47e8db8a2a80f784496aa2494ee933f1661d185
3a6a7c52a2a3ccf340a31c4d570fed3dd80861a5417e769d139ae02183bce06e
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3cdcb70645913df3dfa5e7041695366e7d1aab3fa8fef1aa3ef7c8a4c9174d4f
414a5017835420b63b0e8b88c430acf82320bf83322282f07d42d6dd05ca581c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48cbd2307a888eca5a567917d9b58cd8e99ad57c51221f2c9be8780fd7756998
4e8cd5d44ff898a4b1c2af1d9ad23acaa88356265a25e1420b0fc6786995cfa8
5089f7cf802f47dfb432c3a8cbe578b45780241e7acb982cb6034b38a407b881
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
5276ce765b43635355a6f015488309ce0f6ecebea882b8b9c7f894ae3587a2e2
5405d087f0e134349eef8db3be7a1a3f27eab65bbd0e3e3d5d41f72cff7110aa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5d4234a564c1c16938d2e6245e65c2763069b3c490e7bbab4b5fe8d3170b3f65
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
656a87350bed0a276e388d71efed78fdd15b8dd630183d87e480a7e2cec0522e
7cd7e56cf64f43fe258d51287d8d3a66aa801216ca120e1b0f8d3d7c76765dca
7e633b623c0a583bfd0faa2e8ddbedf076e711868262bc8122ef486d7ace2e85
8624d08aebefc2a58d269c5b26d90d665f39328bca6528034c40d59e598a98c5
93236cdc468127565a6e950d2311bdc9ddae0ce7d9fba547f9496e7c976ae6c8
93340594a3f629999eacb6d03aac3d49a76ca9023c18a90bce7e7e8d3ef9a68c
95a200082c5836971b030c9732941ec5ab97b3986fc8909c4a0ec8338f9b9061
98b06c157528224f221ae0bb21ba09c841eeb5d045c43e2bb6397ff53e57aa3d
a239e950d8a4031a97e60456b411224e739d457f0372d5e3555d0b7b99737d8a
a491a7b7a24b52ae6dd7dbcb4ac13b6f5f6ff714d69c021c269b065a6a2e1f3e
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1760e4811565b6ecf850b4aa9f0d8e73b297c53052e171031f591b5a65d079c
b2e4a3b4a7ecff1074eeba038bb34343bc07d1adac4244b99d0a44b1e93c4d2d
b58ba0eab72e9ba1b15bc09b6318479f18c7b2f0cef4952edacb246198f5e3ef
b8b76cdbd5c450aaeb5021871a253873092e8eadb245e18b65273174dcaabfce
c0db77254dade537228f98e00df62833936d2879ad917b7f6b76c0f59cc7e9e2
c21240fb81d6d995dd3024f6bdf399c6d35c85edd9b730a77d531036ad0cd739
c3bb23881ec6ff46c9df6f2ab3d597c7f1b96a01de413481f737b203efc98a90
c4d91f74c858f64377d3773cb0f230e5f6bfe3bf2a96c864a42bfcab16484172
cefb4359419828caa397712613224f4fd3d9f67a9a44b81b8c87296ba5ba81ae
d4433eb8e3ba6dea8c79d862507fa1b27157c9821da83b5ac777fecc1a6127d8
d75e5502fdaa229764faa1a46d664449b136c2a1337998128d80aca7194120d4
da8503d5ed322531bfa3dddb117d87233145af1c8961aa3e39a32ead3d69c419
dedaaf36fcc069f97351032cd7d04ef07a5a117e1af8f74dd5e36d21d02a15fa
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e0b174f7ec310b7857cbc9cbb707660407cd053c36943b048717812ae7717d3f
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e1b93258acbb3cb163301dce5fe9576d8143704a46f3acc206cb5dda5ab52fea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f9e47f2b9ee04a1710d0b2d2fbc266162ad47135f730440a5821ce8e40fab2
e86f944f6d1727d45c38428ad057fd54f77c4fd18f2b75278e7d59273c8a79cf
e9597987b6f5f6a1e2c0a9bb76f9728ad3bda5548c3b1341dac1e7708c18ee7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9eb19cd52554e001a7042ff52656614053acd91de492d83b64191ff87f28572
ffb7bfb84afcc682549e04af5054b939857c41ff32f58cde2832d95f3a0a7935

www.taptobox.com Open in urlscan Pro 2606:4700::6812:b96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

91 %HTTPS

91 %IPv6

10 Domains

12 Subdomains

11 IPs

3 Countries

2011 kBTransfer

5786 kBSize

21 Cookies

1 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.taptobox.com Open in urlscan Pro
2606:4700::6812:b96 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

91 %
HTTPS

91 %
IPv6

10
Domains

12
Subdomains

11
IPs

3
Countries

2011 kB
Transfer

5786 kB
Size

21
Cookies

82 HTTP transactions
13 data transactions