a3.a3erf.com Open in urlscan Pro
2606:4700:3033::6815:4f2b Public Scan

Go To Rescan
Add Verdict Report

URL:
http://a3.a3erf.com/
Submission: On January 31 via manual (January 31st 2023, 6:30:11 am UTC) from KR — Scanned from DE

Summary HTTP 161 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 18 IPs in 7 countries across 23 domains to perform 161 HTTP transactions. The main IP is 2606:4700:3033::6815:4f2b, located in United States and belongs to CLOUDFLARENET, US. The main domain is a3.a3erf.com.

This is the only time a3.a3erf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 28	2606:4700:303... 2606:4700:3033::6815:4f2b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::ac43:8ded	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 35	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:802::2006	15169 (GOOGLE) (GOOGLE)
3 6	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
12	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	18.196.150.104 18.196.150.104	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
4 4	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
2 2	52.57.33.86 52.57.33.86	16509 (AMAZON-02) (AMAZON-02)
2	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2600:9000:223... 2600:9000:223f:6800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
161	18

28 2606:4700:3033::6815:4f2b (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

a3.a3erf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a3erf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:8ded (United States)

ASN13335 (CLOUDFLARENET, US)

a3.a3erf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.251.208.98 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.196.150.104 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-150-104.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.141 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.33.86 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-33-86.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:6800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.212 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	524 KB
34	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 static.doubleclick.net — Cisco Umbrella Rank: 214 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	451 KB
32	a3erf.com 6 redirects a3.a3erf.com a3erf.com	967 KB
20	gstatic.com fonts.gstatic.com www.gstatic.com	276 KB
8	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	1 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	7 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	337 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 568	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	2 KB
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 409	2 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 329	955 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 507	2 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 782	89 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2166	790 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 4461	745 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 726 s.tribalfusion.com — Cisco Umbrella Rank: 1733	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8741	696 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	576 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 685	444 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	863 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 596	98 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 556	545 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 858	601 B
161	23

	Domain	Requested by
35	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
26	a3.a3erf.com	a3.a3erf.com
20	pagead2.googlesyndication.com	a3.a3erf.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
19	googleads.g.doubleclick.net	pagead2.googlesyndication.com a3.a3erf.com googleads.g.doubleclick.net
13	www.gstatic.com	googleads.g.doubleclick.net
12	cm.g.doubleclick.net	googleads.g.doubleclick.net a3.a3erf.com
8	fonts.googleapis.com	a3.a3erf.com googleads.g.doubleclick.net
7	www.googletagservices.com	googleads.g.doubleclick.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	3 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
6	a3erf.com	6 redirects
4	c1.adform.net	4 redirects
3	x.bidswitch.net	3 redirects
3	static.doubleclick.net	googleads.g.doubleclick.net
2	secure.adnxs.com	2 redirects
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	ssbsync.smartadserver.com	googleads.g.doubleclick.net
2	match.360yield.com	2 redirects
2	pool.admedo.com	2 redirects
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	sync.targeting.unrulymedia.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	sync.mathtag.com	1 redirects
1	id.rlcdn.com	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
161	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
instagram.com
t.me
a3erf.com

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-04-13` - `2023-04-12`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh

This page contains 24 frames:

Primary Page: http://a3.a3erf.com/
Frame ID: 2A7D86656C262BD199F5A68DB880CAB7
Requests: 46 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html
Frame ID: 660C425069299871E219845F2A1CB06C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&adk=1812271804&adf=3025194257&lmt=1675146606&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x540_l%7C188x540_r&format=0x0&url=http%3A%2F%2Fa3.a3erf.com%2F&ea=0&pra=5&wgl=1&dt=1675146606244&bpp=13&bdt=437&idt=243&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6359631033286&frm=20&pv=2&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=269
Frame ID: 595DE342B7B77D37EFC8EC3DD1E29714
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=866474670&adf=1949928142&pi=t.aa~a.433145973~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1675146606&rafmt=1&to=qs&pwprc=2234414854&format=1150x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146606257&bpp=1&bdt=450&idt=259&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Li8sNa0A7x&p=http%3A//a3.a3erf.com&dtd=261
Frame ID: D018C1B5D2B35E8287AE1E247FF10699
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1697495260~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=-M&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280&nras=3&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=us5zgUuxJs&p=http%3A//a3.a3erf.com&dtd=9
Frame ID: 8C008FA7BFE7677BEC7D2CEBDECFFDD3
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13
Frame ID: 33FE9E13D5E60E48007F94C64A3E5C09
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3843FA369A993DFAF2EE31E279F8DF2E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Frame ID: 842D8A3EC53FE09A383A839370387577
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5349DACA0924034B191D98E50074C631
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9CC70F5C79D8903EAEC2010747654EDF
Requests: 15 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 8EDF563F81219EC7CB23C62C53AC7C35
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AECC43874C245FC099D72045B1CF8660
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CD4BC106D84A6D51F898422543FC503C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js
Frame ID: 2491224D1E05586E0B10C1640F8D65B0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js
Frame ID: 11F8E6EF34C5185C8CB31AC443AB8CDD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js
Frame ID: 2F6BB71326B90F1BA8EB67EE1A92CEB4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C07ED6140EB8B236C461DAE674C7E0CC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AADEF8C8A57B0046A8F9A279A9C3D0F8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 942ABFE67F4988D3BF19BFA17CE4C68A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js
Frame ID: F8A1C67A9B00F8BEFA713FDBE3C806DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js
Frame ID: C9CE94E46FFE0ABD5B610AA9E0D07A2A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js
Frame ID: 70749093C4470E9F00943B16A863CF43
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CE0CFFE7154C9B5D6445B2BBCB157B86
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10CFDBF0F1D5BFE3FF528A88E760C6EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

اعرف

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

161
Requests

79 %
HTTPS

56 %
IPv6

23
Domains

30
Subdomains

18
IPs

7
Countries

2563 kB
Transfer

6152 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/a3erfcom

Search URL Search Domain Scan URL

URL: https://twitter.com/a3erfcom

Search URL Search Domain Scan URL

URL: https://instagram.com/a3erf

Search URL Search Domain Scan URL

URL: https://t.me/a3erf

Search URL Search Domain Scan URL

URL: https://a3erf.com/
Title: الرئيسية

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://a3erf.com/wp-content/uploads/2021/10/l.jpg HTTP 301
https://a3.a3erf.com/wp-content/uploads/2021/10/l.jpg

Request Chain 10

https://a3erf.com/wp-content/uploads/2021/10/l-1.jpg HTTP 301
https://a3.a3erf.com/wp-content/uploads/2021/10/l-1.jpg

Request Chain 25

https://a3erf.com/wp-content/uploads/2021/08/%D8%A7%D8%B9%D8%A7%D8%AF%D8%A9-%D8%AA%D8%B4%D8%BA%D9%8A%D9%84-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-1.jpg HTTP 301
https://a3.a3erf.com/wp-content/uploads/2021/08/%D8%A7%D8%B9%D8%A7%D8%AF%D8%A9-%D8%AA%D8%B4%D8%BA%D9%8A%D9%84-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-1.jpg

Request Chain 26

https://a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A2%D9%A1-%D9%A2%D9%A3-%D9%A4%D9%A8-%D9%A5%D9%A5-%D9%A2%D9%A9%D9%A9_io.va_.exposed64-144x300.jpg HTTP 301
https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A2%D9%A1-%D9%A2%D9%A3-%D9%A4%D9%A8-%D9%A5%D9%A5-%D9%A2%D9%A9%D9%A9_io.va_.exposed64-144x300.jpg

Request Chain 27

https://a3erf.com/wp-content/uploads/2021/11/FingerSecurity-300x150.jpg HTTP 301
https://a3.a3erf.com/wp-content/uploads/2021/11/FingerSecurity-300x150.jpg

Request Chain 28

https://a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A0%D9%A1-%D9%A1%D9%A4-%D9%A0%D9%A8-%D9%A2%D9%A4-%D9%A1%D9%A2%D9%A8_com.android.vending.jpg HTTP 301
https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A0%D9%A1-%D9%A1%D9%A4-%D9%A0%D9%A8-%D9%A2%D9%A4-%D9%A1%D9%A2%D9%A8_com.android.vending.jpg

Request Chain 79

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 89

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 112

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 133

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAJzNAXSNdhoTAHpXftJA8I&google_cver=1&google_push=Aa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAJzNAXSNdhoTAHpXftJA8I&google_cver=1&google_push=Aa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 134

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENydwGCQwxgR4i51_3LXcXQ&google_cver=1&google_push=Aa02lx9pvmzRRsMEGBC3K-349BzZvmyMi-Vt1nsNvQyFtTTv7Bi2tgKXnL9UG-VrVf8CUgBtBWN8XUHFZCgnT-l-_twhlStvrK_Qrw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENydwGCQwxgR4i51_3LXcXQ&google_push=Aa02lx9pvmzRRsMEGBC3K-349BzZvmyMi-Vt1nsNvQyFtTTv7Bi2tgKXnL9UG-VrVf8CUgBtBWN8XUHFZCgnT-l-_twhlStvrK_Qrw

Request Chain 136

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPs_S82rU5LMveS91O4yBoo&google_cver=1&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj8s0bqnQDYBruYohPA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPs_S82rU5LMveS91O4yBoo&google_cver=1&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj8s0bqnQDYBruYohPA HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=e1776874-5349-44c1-bd52-41e8983e51f3 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=e1776874-5349-44c1-bd52-41e8983e51f3 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3b10442f-7df4-44c0-8520-be0311322f53&user_group=1&ssp=google&bsw_param=e1776874-5349-44c1-bd52-41e8983e51f3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj8s0bqnQDYBruYohPA&google_hm=4XdodFNJRMG9UkHomD5R8w==

Request Chain 137

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMqW4IAS8ZYaoX4gMfNJUxo&google_cver=1&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnYzAPNKkF_7NLQGUztMzvgd00bVLgk HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMqW4IAS8ZYaoX4gMfNJUxo&google_cver=1&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnYzAPNKkF_7NLQGUztMzvgd00bVLgk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNDIwNDk4NjM5ODMwODc3NQ&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnYzAPNKkF_7NLQGUztMzvgd00bVLgk

Request Chain 138

https://match.360yield.com/match/ebda?google_gid=CAESEJUJkOzs5Fdz0b3olp-XgkU&google_cver=1&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO3SXj8xDdcKxRgjQ HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJUJkOzs5Fdz0b3olp-XgkU&google_cver=1&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO3SXj8xDdcKxRgjQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ARy6rc8-SSyfeLRjfBvtfw&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO3SXj8xDdcKxRgjQ

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 146

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGBM0ZaQj1-HrzoU6Z2lAw0&google_cver=1&google_push=Aa02lx-LSSPBvEdfPpUQeTnL2duGBsLpg8ccyTMMuuc0NY3m_k1s1ewWRIB_Ts3UZ8sFNpjgydZqJgCtqv07z8s5R2bEyB7r18famdY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-LSSPBvEdfPpUQeTnL2duGBsLpg8ccyTMMuuc0NY3m_k1s1ewWRIB_Ts3UZ8sFNpjgydZqJgCtqv07z8s5R2bEyB7r18famdY

Request Chain 147

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEACh_No3pndjTvSHTbizQ-w&google_cver=1&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSBD7HGKeyD8G_oXCQEWFNNYThisxg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEACh_No3pndjTvSHTbizQ-w&google_cver=1&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSBD7HGKeyD8G_oXCQEWFNNYThisxg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyNTQ3NzIxNDg1MDcyNA&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSBD7HGKeyD8G_oXCQEWFNNYThisxg

Request Chain 148

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDEWAtGz3ah5bXlU13u_TE0&google_cver=1&google_push=Aa02lx9SmKKsjukS4pOpWyfO_pqQ4AeylsS5wS3nGGd_Qr8V3dEhaRF8uZZlmXRfLh8XISscWG9yazNibygE1XMsMRCdNubbvzW_onU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9SmKKsjukS4pOpWyfO_pqQ4AeylsS5wS3nGGd_Qr8V3dEhaRF8uZZlmXRfLh8XISscWG9yazNibygE1XMsMRCdNubbvzW_onU

Request Chain 149

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKuh3jGSTjg6Sv_kvMHCoxo&google_cver=1&google_push=Aa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1675146608501 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-1c0c9864-270b-4507-b484-a5a85dea53c9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg%26google_hm%3DAxwMmGQnC0UHtISlqF3qU8k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg&google_hm=AxwMmGQnC0UHtISlqF3qU8k

Request Chain 150

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPpPmN5k5OVTlQUni1EBiaA&google_cver=1&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fuuLTfKB90hr7_2X_AjrBBefxzNOyIFpL6sT9E0QzpQ2nk9A HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fuuLTfKB90hr7_2X_AjrBBefxzNOyIFpL6sT9E0QzpQ2nk9A&google_gid=CAESEPpPmN5k5OVTlQUni1EBiaA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4OTE5NDUxNzgwODg1OTYyNTAwNg%3D%3D&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fuuLTfKB90hr7_2X_AjrBBefxzNOyIFpL6sT9E0QzpQ2nk9A

Request Chain 152

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBROBOqgdXgy4ZtZRR4w8k0&google_cver=1&google_push=Aa02lx-46_JdD9sXpITWYnwRd2mj-xMws9E4jSMlSujlWiJSyJFco61k2XMpf0DkcpVJ57wdaG182Y7wiCBrqK_anPZ10MDGkOrYXryd HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBROBOqgdXgy4ZtZRR4w8k0%26google_cver%3D1%26google_push%3DAa02lx-46_JdD9sXpITWYnwRd2mj-xMws9E4jSMlSujlWiJSyJFco61k2XMpf0DkcpVJ57wdaG182Y7wiCBrqK_anPZ10MDGkOrYXryd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTQ3NjE0ODgyMjg4ODIwNDMxMQ%3D%3D&google_gid=CAESEBROBOqgdXgy4ZtZRR4w8k0&google_cver=1&google_push=Aa02lx-46_JdD9sXpITWYnwRd2mj-xMws9E4jSMlSujlWiJSyJFco61k2XMpf0DkcpVJ57wdaG182Y7wiCBrqK_anPZ10MDGkOrYXryd

161 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
a3.a3erf.com/ 79 KB
15 KB 512ms
479ms Document
text/html 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a402898a85d2a7c7fe6f7f182ebd8a89bb0d71af64b59a1bdd86a2831b5bbb68

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 7920658b3c712baf-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 31 Jan 2023 06:30:05 GMT
Link: <https://a3.a3erf.com/wp-json/>; rel="https://api.w.org/"
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6bDAwBdhJGfjob%2F1N3DT7BmVUmbta3Zwd392ksvqPTh1FETQFd%2BKunJQScW4%2FhQjnkIw4gjjXCw7ABWronFYbtlnkQuGDe5CXkETUbl35a8hUhK91cw9OKxMX6WxVdqgUAtxCoH%2FvNuok%2BY%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK style-rtl.min.css
a3.a3erf.com/wp-includes/css/dist/block-library/ 93 KB
13 KB 46ms
45ms Stylesheet
text/css 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.1.1
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05d33bce3fc1753bcb9f94f51a7536cb621411492720236a663a7d28e2731359

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 12483
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 16 Nov 2022 05:01:57 GMT
Server: cloudflare
ETag: "17226-5ed8f5f3e7134-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf3GzyM1F2%2B76E6CxWdH34XaeZrFqeE92FI152BZyydcfKjLD4kLQwlwG6yNN0HVR48DlmAxL7YXxAmjNZrpl95STrJpG1uUg5Uu31xPi5L5SENW36WXdf4BKd9A%2Fy3lTBdDPhm1H%2Fg22cI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658e58fa2baf-FRA
Expires: Wed, 31 Jan 2024 06:30:05 GMT

GET
H/1.1 200
OK classic-themes.min.css
a3.a3erf.com/wp-includes/css/ 217 B
1 KB 50ms
38ms Stylesheet
text/css 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 189
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Nov 2022 05:02:12 GMT
Server: cloudflare
ETag: "d9-5ec75be559b74-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbJrrrnthSgq7J47aTr4Y5wN0w%2BRMIZPkn6maNT2hYaoLh0eYg%2BNVVSOoF62VuMiPBRcvbYyBr7hN7F40Cb4Skm%2B6MGhG%2Ft%2Fgc%2Fq1Ad2Pofyv0QeGz8fM60BcCjWa5B9%2FTBnNRZ9cl5xSwA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658e6e392c4d-FRA
Expires: Wed, 31 Jan 2024 06:30:05 GMT

GET
H/1.1 200
OK styles.css
a3.a3erf.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
2 KB 48ms
36ms Stylesheet
text/css 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 972
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:01 GMT
Server: cloudflare
ETag: "aab-5e16a106754f8-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1gZYdr6vZMJegDuURV5Y4KBVyWmk4Uqa3DThOsqn5vVw6fW%2BBJtj6dB%2B9VrkpVHPdQMB2SSSS54k8W14aRY7YTLPeWugZPg%2BNSJT%2FqERW6C5KZ6dyU5eUiHWGNvwGgGOejwZ%2FXPyi6pP14%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658e6c0c994e-FRA
Expires: Wed, 31 Jan 2024 06:30:05 GMT

GET
H/1.1 200
OK styles-rtl.css
a3.a3erf.com/wp-content/plugins/contact-form-7/includes/css/ 152 B
985 B 51ms
33ms Stylesheet
text/css 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.5.6
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 38144
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 121
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:01 GMT
Server: cloudflare
ETag: "98-5e16a106754f8-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG1xBOkCqAoUw2sSq7%2FrPsKSng5nYm5sERWG7MH3ozUOg3j43QT6mymoIAPFfvJppy79A5w%2B2Tm8d3AWk1LtqbIHaE8xhTKWwm6CorzewwD8oSwJmaXPywB7poB%2FYYhOLu1BjqHevFZ5J1Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658e78ff9223-FRA
Expires: Tue, 30 Jan 2024 19:54:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 143ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d6be6985f0e1cb05ef87c81102a3c1de6a4074912b8bc83e90a0bf75a1ce90f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 06:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:05 GMT

GET
H/1.1 200
OK jquery.min.js Show response
a3.a3erf.com/wp-includes/js/jquery/ 88 KB
31 KB 99ms
54ms Script
application/x-javascript 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 30995
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Nov 2022 05:02:12 GMT
Server: cloudflare
ETag: "15e54-5ec75be562fe3-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1H8PmvCg%2BgoN5L7Vj7VAZ17A2BNf6ROUnzQirfeqCVN8VyeGQmLUSSNlJBy%2FUXMfPoqDXt3QQbwaNh4evabahX1ZKt%2BtmiLNKRRi%2BeUwYq%2FadHG7LctMYtY74KacKMYuS3fxDJiUV8eCTU0%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658ea95f2baf-FRA
Expires: Wed, 31 Jan 2024 06:30:05 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
a3.a3erf.com/wp-includes/js/jquery/ 11 KB
5 KB 90ms
46ms Script
application/x-javascript 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4169
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:08 GMT
Server: cloudflare
ETag: "2bd8-5e16a10d5bdc0-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMCyCkHfqjlNEeFk5li3eSmjtNCGGcMVoDMBs4YAYNW14Qc5lwA3TtVMy555Qw90LBH%2BYtZzWH7ZehR6h%2FbAFr85egR29EEFFiEOuA19HkRJ5nWZExWAifD5fzgouINWevi2JLlPTJOxQuw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658ea8fabbec-FRA
Expires: Wed, 31 Jan 2024 06:30:05 GMT

GET
H/1.1 200
OK cb183017d8f08e4730ec87740f0e2075.css
a3.a3erf.com/wp-content/bs-booster-cache/ 881 KB
123 KB 43ms
27ms Stylesheet
text/css 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/bs-booster-cache/cb183017d8f08e4730ec87740f0e2075.css
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61abc4682c2f4636b1619f45b4941ddcbf41ff8c467e49380641f4cafc3132d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14819
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 08 Jan 2023 08:34:50 GMT
Server: cloudflare
ETag: "dc415-5f1bc862e0578-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NNHBrFIevV13qeyPrrklbL9sf4foelCLvosaLdW22iTGOYoTpt9D9PFydXwLv5jGUqwOxBFrHmcHismwfgiHWK4sI0oRjhJpV8gTkyUfPDDnykd5fGPqimTUn6czk0tLo%2FOCS1F5r%2FJDWqk%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
CF-RAY: 7920658e7d1f90af-FRA
Expires: Wed, 31 Jan 2024 02:23:06 GMT

GET
H/1.1 200
OK cc5d2dd63b97ce75a87d28f663ff8591.css
a3.a3erf.com/wp-content/bs-booster-cache/ 43 KB
7 KB 41ms
26ms Stylesheet
text/css 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/bs-booster-cache/cc5d2dd63b97ce75a87d28f663ff8591.css
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6e3fbb7605b3e090d7e156c449a305a472f725335d861c94d6237ad49966f21

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age: 14819
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6164
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 15 Nov 2022 10:47:25 GMT
Server: cloudflare
ETag: "aa26-5ed8014e786ac-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAJHuBtoOwn0nVXR1Vs5HaT7mYjsHhbul8ayYHo4ieqjvnMyNo5Tv6qERu6WXuCP%2FR0ddV6BGQ38msifN9KWuSmxK13WHjS4UB8FASOEK%2Bg27iGON%2BqF77IsqssbTYwDLFYRQ0J2jImkN%2B4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658e78bfbbec-FRA
Expires: Wed, 31 Jan 2024 02:23:06 GMT

GET
H2

200

l.jpg
a3.a3erf.com/wp-content/uploads/2021/10/
Redirect Chain

https://a3erf.com/wp-content/uploads/2021/10/l.jpg
https://a3.a3erf.com/wp-content/uploads/2021/10/l.jpg

36 KB
36 KB

24ms
23ms

Image
image/jpeg

2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/10/l.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H2
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f1efaaac110c6b7b9b9a6d3224c0c9e169bd6a77049fef0d3e30c479659882c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1977439
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36418
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jun 2022 15:29:05 GMT
server: cloudflare
etag: "8e42-5e16a109e336c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGiFjy2okErhIM8DkD31rE2xGT5yGL3wN5mKJ61BaghwACqDvJyoOYyUCyLUCQOVO13a7Kxud5unZIanzLTKVAEQ4LVC3SjccPyyb19%2Fxqjq0v3GTBoR2YH2Af2qo%2F6OkzvdN7XqC9%2BCUsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 792065900b9f2bc6-FRA
expires: Mon, 08 Jan 2024 09:12:47 GMT

Redirect headers

date: Tue, 31 Jan 2023 06:30:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXFGEv4Afo1AyMS%2BeSMwbaMtjliJqAGzvV8AiUmLmV27XKMAL%2BlqHFQxtTlZJSnrA4Ivwbe9GzEVsDLboHSw%2F3tlXlLDNz36yhFBpp1OWsRMR8zPOvCzfm8t3asKxWLxcOSoawoNIaE%3D"}],"group":"cf-nel","max_age":604800}
location: https://a3.a3erf.com/wp-content/uploads/2021/10/l.jpg
cache-control: max-age=3600
cf-ray: 7920658fdb5f2bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 07:30:06 GMT

GET
H2

200

l-1.jpg
a3.a3erf.com/wp-content/uploads/2021/10/
Redirect Chain

https://a3erf.com/wp-content/uploads/2021/10/l-1.jpg
https://a3.a3erf.com/wp-content/uploads/2021/10/l-1.jpg

36 KB
36 KB

22ms
22ms

Image
image/jpeg

2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/10/l-1.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H2
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f1efaaac110c6b7b9b9a6d3224c0c9e169bd6a77049fef0d3e30c479659882c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1977439
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36418
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jun 2022 15:29:05 GMT
server: cloudflare
etag: "8e42-5e16a109ec7db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7WcOvRBpTfCAi%2FEbG0uFTpdCaQWBCAssGPO3CiLUO4Usf3Q8i8eaZ3mOaDvT7ZX1qnxBBfr%2FnXQo3EMv5GsXfTG%2Bn1OrrGM8JHGM1POcNEQ9p5pDTDaBDzPGtu6NRkh8s5Su0OBTOxjeBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 792065900ba12bc6-FRA
expires: Mon, 08 Jan 2024 09:12:47 GMT

Redirect headers

date: Tue, 31 Jan 2023 06:30:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KChwptWG2SHfVunzWv%2Fvh%2B7B6QW6BIEMlQANUgBLZa%2FKZylL17ghkPLCwQxEpKIPlaLDErEZOrYU62FlIfB0eZ7%2Fx2LfSvtyzQtHuJ4L9SHXBdkdggMf78Fmj67QeVNcOOxYYk2RLp4%3D"}],"group":"cf-nel","max_age":604800}
location: https://a3.a3erf.com/wp-content/uploads/2021/10/l-1.jpg
cache-control: max-age=3600
cf-ray: 7920658fdb612bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 07:30:06 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
49 KB 151ms
64ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7909474700583821

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

158d215666b3cec1bed39f25d4c0bc5b48ca549352c8162f9dab1e412e5caaea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Origin: http://a3.a3erf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50022
x-xss-protection: 0
server: cafe
etag: 14601288772638119342
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 06:30:06 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
a3.a3erf.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 41ms
41ms Script
application/x-javascript 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 2457
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:09 GMT
Server: cloudflare
ETag: "194b-5e16a10de221f-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mf4EsO%2BVnb8pebIVcxiHjYcr5Yb9lysmOVrnfCiEDEzmb4qLNqWxEqwoJdRbJHDA%2BHB9%2FDohlT0zGj07qKjVq9o4KCpo%2FmVnlxzQlebSG6y2TUvPhC3ykogKkn3IWZR0QjdGX0iaCoKf%2FwA%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658f09e22baf-FRA
Expires: Wed, 31 Jan 2024 06:30:05 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
a3.a3erf.com/wp-includes/js/dist/vendor/ 17 KB
7 KB 42ms
40ms Script
application/x-javascript 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:05 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6532
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Nov 2022 05:02:12 GMT
Server: cloudflare
ETag: "459f-5ec75be55b6cc-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hLA%2BbE1EjwBBkeQhM3%2Fh%2B9eVhgjpDCSHfJKAaFrK0rInQSthgjb4WPnC75F4lDrKYVbjBGVgK46zmFCHD4zlo3YKwQIp5TbK2mmEJms%2BOku52QNCdiqmAh81vKeLNHqL1i7%2B5flxECbzDRI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658f4a4d2baf-FRA
Expires: Wed, 31 Jan 2024 06:30:05 GMT

GET
H/1.1 200
OK index.js Show response
a3.a3erf.com/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 40ms
39ms Script
application/x-javascript 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:06 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3286
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:01 GMT
Server: cloudflare
ETag: "25f8-5e16a10676497-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlULM7FvkPF04CBIQAW4mL8kQmv9oPmHrdvyX3fUAlvQDNiZYoqyM4RFz%2BFgzpt2i7INl%2FSMsDaudBIxWzYpyrKBBcZcFsQZA2tIsam%2BDcK16NAlO58hHMrcM3z%2Bhi0iv%2FXyJcQ0c9gR0ao%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658faad02baf-FRA
Expires: Wed, 31 Jan 2024 06:30:06 GMT

GET
H/1.1 200
OK ffe83622ad9ffe7194882b8f2303dbea.js Show response
a3.a3erf.com/wp-content/bs-booster-cache/ 253 KB
74 KB 74ms
73ms Script
application/x-javascript 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/bs-booster-cache/ffe83622ad9ffe7194882b8f2303dbea.js?ver=6.1.1
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 656a08766471b98fc8b56c5720ceef43bc20f237789a0b636960577121976d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:06 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Sun, 08 Jan 2023 08:34:50 GMT
Server: cloudflare
ETag: "3f3b0-5f1bc862eb53e-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20Q3%2F%2B%2BJN1eqeKES0ZAjosp6vrv9w6rnxaomxC4n35s8kmoxrvm%2FE02v3mV8EfNff%2BDGZkf7WYoZw08ujfzTZCR8sWNwZrVPDHraLuIZ6VxSCgO0xuh%2FZZRRVjw1QmFH5Q%2BDK1Km8sPFErI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
CF-RAY: 7920658faa6dbbec-FRA
Expires: Wed, 31 Jan 2024 06:30:06 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
a3.a3erf.com/wp-includes/js/ 18 KB
6 KB 44ms
43ms Script
application/x-javascript 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:06 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5009
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:09 GMT
Server: cloudflare
ETag: "48b9-5e16a10ded9b6-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcVl42%2FVKWUzUJm1Ssw%2F6sy7ZcOObq1S5iOpQSDu3cW8JDKnfbMDJVTo%2B0XK4G%2BYpW%2FK8En7fgoVEjXe3bZET8n%2BC61jcGvScIWjkDZxcyZ91koOhZSRx%2Fxsb5yd81DgiKuJ24iyLg8V41U%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658fae5d90af-FRA
Expires: Wed, 31 Jan 2024 06:30:06 GMT

GET
H/1.1 200
OK bs-icons.woff
a3.a3erf.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 47ms
47ms Font
application/font-woff 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/wp-content/bs-booster-cache/cb183017d8f08e4730ec87740f0e2075.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Referer: http://a3.a3erf.com/wp-content/bs-booster-cache/cb183017d8f08e4730ec87740f0e2075.css
Origin: http://a3.a3erf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:06 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 13847
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:04 GMT
Server: cloudflare
ETag: "361c-5e16a108f52f1-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dEqgPyvlFSzaC4CYHTsU4UndoyObpETnEgKLCuuvnFTkpWCw2jCP3LU6omtH18UMtzuIFh5DCZ5uCumNgcI5gdLgiCzMtzylqW1UmnohmlQNafQEeLr54d8Phc9KhGuwiSg1IIe2rOISW1w%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff
Cache-Control: max-age=31536000
Accept-Ranges: bytes
CF-RAY: 7920658fb9f99223-FRA
Expires: Wed, 31 Jan 2024 06:30:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 134ms
48ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://a3.a3erf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 21:51:10 GMT
x-content-type-options: nosniff
age: 463136
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 25 Jan 2024 21:51:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 124ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://a3.a3erf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 104460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 30 Jan 2024 01:29:06 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
a3.a3erf.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 48ms
48ms Font
application/font-woff2 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://a3.a3erf.com/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/wp-content/bs-booster-cache/cb183017d8f08e4730ec87740f0e2075.css
Protocol: HTTP/1.1
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://a3.a3erf.com/wp-content/bs-booster-cache/cb183017d8f08e4730ec87740f0e2075.css
Origin: http://a3.a3erf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Tue, 31 Jan 2023 06:30:06 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 14 Jun 2022 15:29:04 GMT
Server: cloudflare
ETag: "12d68-5e16a108f4739-gzip"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0emgW2R2csnXJshO%2Bb5nB9LxGnUrY4HIKhyOcyfbfm6ZTC9h2Cqp%2BwDb0epXC6BN301ENNQzJzOtlc68CAfO32v7nkS%2FIEA9TOBbMhWi0mmjAFVQ2X1oaXDk8cD4iESqNJPYTNwznEbeFbE%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
CF-RAY: 7920658fc8942c4d-FRA
Expires: Wed, 31 Jan 2024 06:30:06 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 175ms
100ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://a3.a3erf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:08:09 GMT
x-content-type-options: nosniff
age: 566517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 17:08:09 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 155ms
81ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700%7CRoboto:400,500,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://a3.a3erf.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 05:36:15 GMT
x-content-type-options: nosniff
age: 3231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 31 Jan 2024 05:36:15 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 %D9%84%D9%85%D8%B9%D8%B1%D9%81%D8%A9-%D8%B1%D8%B5%D9%8A%D8%AF-%D8%A7%D9%94%D9%88%D8%B1%D8%A7%D9%86%D8%AC-300x158-1.jpeg
a3.a3erf.com/wp-content/uploads/2022/04/ 5 KB
5 KB 17ms
15ms Image
image/jpeg 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2022/04/%D9%84%D9%85%D8%B9%D8%B1%D9%81%D8%A9-%D8%B1%D8%B5%D9%8A%D8%AF-%D8%A7%D9%94%D9%88%D8%B1%D8%A7%D9%86%D8%AC-300x158-1.jpeg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba0c64f791270fde6dbc9212020a73600f5cad70def3c7bca4bfb725c38e1521

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1711561
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4641
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jun 2022 15:29:04 GMT
server: cloudflare
etag: "1221-5e16a1099b705"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1jJGPDUwOLfglQOFncS5vEp7bsoI9PJON2Ux0luvlW%2FmdIe0eIfcMMChdZWmfhS297g08EgHeY4t%2FY6o2ooNMcd9cwbFH%2F%2BqqhY5u%2FwwNfzrOtMJTqP%2FPrsFluJ1RZHql6fTKzZuEUZmpM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79206590bc7e2bc6-FRA
expires: Thu, 11 Jan 2024 11:04:05 GMT

GET
H3

200

%D8%A7%D8%B9%D8%A7%D8%AF%D8%A9-%D8%AA%D8%B4%D8%BA%D9%8A%D9%84-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-1.jpg
a3.a3erf.com/wp-content/uploads/2021/08/
Redirect Chain

https://a3erf.com/wp-content/uploads/2021/08/%D8%A7%D8%B9%D8%A7%D8%AF%D8%A9-%D8%AA%D8%B4%D8%BA%D9%8A%D9%84-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-1.jpg
https://a3.a3erf.com/wp-content/uploads/2021/08/%D8%A7%D8%B9%D8%A7%D8%AF%D8%A9-%D8%AA%D8%B4%D8%BA%D9%8A%D9%84-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-1.jpg

27 KB
28 KB

13ms
13ms

Image
image/jpeg

2606:4700:3037::ac43:8ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/08/%D8%A7%D8%B9%D8%A7%D8%AF%D8%A9-%D8%AA%D8%B4%D8%BA%D9%8A%D9%84-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-1.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H3
Server: 2606:4700:3037::ac43:8ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3df0aabb8e023fd77439bcdca47ae391bb21bd31458d102ee6e93b3fdba8438

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1964542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27736
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jun 2022 15:29:05 GMT
server: cloudflare
etag: "6c58-5e16a10a49048"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGLrAq4yizWxzc5Q9UXp85e2u%2F%2Bw1p5Hc0dphdi%2Fbv96t05644ZCoBSi1Wmg62crAkGU%2Fk5mRYpMkj2v%2BLumVV4fxWEatQyCN7oifyScj7PpvVvjWIYqN5e%2F15ugogmaS7zxz3aAEvxAbGI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79206590cacc903c-FRA
expires: Mon, 08 Jan 2024 12:47:43 GMT

Redirect headers

date: Tue, 31 Jan 2023 06:30:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3OTGEWL10Vl9CcsqFCzqDs2TXQK74fLOQJeiqec1rkB7iuQ1%2BhKE2f34541d9RJsZoHQ0aCXu3rIH7BzzjpVdPAIG0Ffd01KJUFrX3z7%2B6Z8oLnMo00lSGyLNcHrZpKAc2m%2BvulRfk%3D"}],"group":"cf-nel","max_age":604800}
location: https://a3.a3erf.com/wp-content/uploads/2021/08/%D8%A7%D8%B9%D8%A7%D8%AF%D8%A9-%D8%AA%D8%B4%D8%BA%D9%8A%D9%84-%D8%A7%D9%84%D9%87%D8%A7%D8%AA%D9%81-1.jpg
cache-control: max-age=3600
cf-ray: 79206590bc7f2bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 07:30:06 GMT

GET
H3

200

Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A2%D9%A1-%D9%A2%D9%A3-%D9%A4%D9%A8-%D9%A5%D9%A5-%D9%A2%D9%A9%D9%A9_io.va_.exposed64-144x300.jpg
a3.a3erf.com/wp-content/uploads/2021/11/
Redirect Chain

https://a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A2%D9%A1-%D9%A2%D9%A3-%D9%A4%D9%A8-%D9%A5%D9%A5-%D9%A2%D9%A9%D9%A9_io.va_.exposed64-144x300.jpg
https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A2%D9%A1-%D9%A2%D9%A3-%D9%A4%D9%A8-%D9%A5%D9%A5-%D9%A2%D9%A9%D9%A9_io.va_.exposed64-144x300.jpg

3 KB
4 KB

27ms
27ms

Image
image/jpeg

2606:4700:3037::ac43:8ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A2%D9%A1-%D9%A2%D9%A3-%D9%A4%D9%A8-%D9%A5%D9%A5-%D9%A2%D9%A9%D9%A9_io.va_.exposed64-144x300.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H3
Server: 2606:4700:3037::ac43:8ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71741a6859dfb711303d83a20f2f45faecd31f9dfe37d8849dd029457f0e2edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 430213
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3217
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jun 2022 15:29:05 GMT
server: cloudflare
etag: "c91-5e16a10a5c4dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OW0QUw6eUnCzUzxpbyqi%2BKzv73Ssl7MVkp%2BksREkCPrf7zkJSQdjd8Gz1Dh%2BgYTeOB0PYCdAGt7UHd7fkMRULawoR9eww2OwB0iWo26OcQ008iPEPy%2FaHpgR7u1s%2BdLv1FkzgMWklLrkpd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79206590cace903c-FRA
expires: Fri, 26 Jan 2024 06:59:53 GMT

Redirect headers

date: Tue, 31 Jan 2023 06:30:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jFge7O1cBJY6DPf%2F7hMpgOxFKgoJfAJWRlrH2Y6OLjzhkbxhxEHMsvREI%2FaXp1LQxMc6aNTe5ur8oJ5vb9UtVrTKr3V9NL8TAmgMfQAjjxJAZ8QimRY7YbtsyBsplXtQtJk%2FYRta9lc%3D"}],"group":"cf-nel","max_age":604800}
location: https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A2%D9%A1-%D9%A2%D9%A3-%D9%A4%D9%A8-%D9%A5%D9%A5-%D9%A2%D9%A9%D9%A9_io.va_.exposed64-144x300.jpg
cache-control: max-age=3600
cf-ray: 79206590bc822bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 07:30:06 GMT

GET
H3

200

FingerSecurity-300x150.jpg
a3.a3erf.com/wp-content/uploads/2021/11/
Redirect Chain

https://a3erf.com/wp-content/uploads/2021/11/FingerSecurity-300x150.jpg
https://a3.a3erf.com/wp-content/uploads/2021/11/FingerSecurity-300x150.jpg

12 KB
13 KB

20ms
19ms

Image
image/jpeg

2606:4700:3037::ac43:8ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/11/FingerSecurity-300x150.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H3
Server: 2606:4700:3037::ac43:8ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1033d1f928bf0216a0c0473cac6da086ca3b525be551b96e2e53c0e63399a6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 964635
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12461
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jun 2022 15:29:05 GMT
server: cloudflare
etag: "30ad-5e16a10a69bb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J12%2F6IqaPju22uSyFGsUK0Rj8iOjahJHn2rbejzHIWIMQLx0NsteGAZVotWVCL%2FXK01%2Fa7v20YtO5P%2B56EB05lJ843S7gUpyjxiEyIaxN%2F2k7Atob%2FSFSC2aTExfGz6IYljwqbNCCdP5eqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79206590caca903c-FRA
expires: Sat, 20 Jan 2024 02:32:51 GMT

Redirect headers

date: Tue, 31 Jan 2023 06:30:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2FxFHO8UPN3MAhPUOn56wY9yWMR5PSIxPh7Qi5LQJhRMhmg3GSKqTHQQXC%2BFvDWmufJFtaaDmc1IWmivlpjgDFFEi24gaUCaEdX195HflJXnzCZIsBcL9GEacpE2JYgGM%2FEZnEyxp7c%3D"}],"group":"cf-nel","max_age":604800}
location: https://a3.a3erf.com/wp-content/uploads/2021/11/FingerSecurity-300x150.jpg
cache-control: max-age=3600
cf-ray: 79206590bc842bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 07:30:06 GMT

GET
H3

200

Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A0%D9%A1-%D9%A1%D9%A4-%D9%A0%D9%A8-%D9%A2%D9%A4-%D9%A1%D9%A2%D9%A8_com.android.vending.jpg
a3.a3erf.com/wp-content/uploads/2021/11/
Redirect Chain

https://a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A0%D9%A1-%D9%A1%D9%A4-%D9%A0%D9%A8-%D9%A2%D9%A4-%D9%A1%D9%A2%D9%A8_com.android.vending.jpg
https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A0%D9%A1-%D9%A1%D9%A4-%D9%A0%D9%A8-%D9%A2%D9%A4-%D9%A1%D9%A2%D9%A8_com.android.vending.jpg

460 KB
461 KB

28ms
27ms

Image
image/jpeg

2606:4700:3037::ac43:8ded
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A0%D9%A1-%D9%A1%D9%A4-%D9%A0%D9%A8-%D9%A2%D9%A4-%D9%A1%D9%A2%D9%A8_com.android.vending.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H3
Server: 2606:4700:3037::ac43:8ded , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2827a1ea71fab1573db0cbc5f6866c39dd318b526df2bb683eddc2cad2eeee72

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1964542
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 471191
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 14 Jun 2022 15:29:05 GMT
server: cloudflare
etag: "73097-5e16a10a59216"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkD5YMTdcuvzYaQNh%2FbbBBB6FIQw2Eadb0KnkOvVBEF%2FCpkRekNVsrW3LnOkL2QHpjr7wJg7RIFoa6FLYmUXIKZMdo1BtCIMtmOUBmMq5YlqiWBmkLPz1sRc4PXqyg0ujh2YOi8cAh0jBLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 79206590cad0903c-FRA
expires: Mon, 08 Jan 2024 12:47:44 GMT

Redirect headers

date: Tue, 31 Jan 2023 06:30:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BfBwwMxZ1Sei6OyutL3PGgKABQe6eT8qcMK4KSPFbqyg8vEV23XY2%2BPGjZ6nAi4xpejbA9FCBp%2FOkhDR%2BobdnHx2D8LukDdGejdP2IIpS07zKSdNbbtveF7r0oAXS72zT8ALDlEibeI%3D"}],"group":"cf-nel","max_age":604800}
location: https://a3.a3erf.com/wp-content/uploads/2021/11/Screenshot_%D9%A2%D9%A0%D9%A2%D9%A1-%D9%A1%D9%A1-%D9%A0%D9%A1-%D9%A1%D9%A4-%D9%A0%D9%A8-%D9%A2%D9%A4-%D9%A1%D9%A2%D9%A8_com.android.vending.jpg
cache-control: max-age=3600
cf-ray: 79206590bc852bc6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 31 Jan 2023 07:30:06 GMT

GET
H2 404 %D8%AA%D8%AD%D9%85%D9%8A%D9%84-%D9%88%D8%AA%D8%AB%D8%A8%D9%8A%D8%AA-%D9%88%D9%8A%D9%86%D8%AF%D9%88%D8%B2-11-1-210x136.jpg
a3.a3erf.com/wp-content/uploads/2021/10/ 0
0 460ms
459ms Image
text/html 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/10/%D8%AA%D8%AD%D9%85%D9%8A%D9%84-%D9%88%D8%AA%D8%AB%D8%A8%D9%8A%D8%AA-%D9%88%D9%8A%D9%86%D8%AF%D9%88%D8%B2-11-1-210x136.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 404 %D8%AD%D8%B3%D8%A7%D8%A8-%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83-1-210x136.jpg
a3.a3erf.com/wp-content/uploads/2021/10/ 0
0 465ms
464ms Image
text/html 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/10/%D8%AD%D8%B3%D8%A7%D8%A8-%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83-1-210x136.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H2 404 %D8%AD%D8%B3%D8%A7%D8%A8-%D8%AC%D9%88%D8%AC%D9%84-3-210x136.jpg
a3.a3erf.com/wp-content/uploads/2021/10/ 0
0 449ms
448ms Image
text/html 2606:4700:3033::6815:4f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3.a3erf.com/wp-content/uploads/2021/10/%D8%AD%D8%B3%D8%A7%D8%A8-%D8%AC%D9%88%D8%AC%D9%84-3-210x136.jpg
Requested by: Host: a3.a3erf.com
URL: http://a3.a3erf.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4f2b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250201/ 358 KB
118 KB 154ms
76ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7909474700583821&plah=a3.a3erf.com&bust=31071927

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7909474700583821

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0605693b886b3c0a448296cbe722641e3685d83b1ac0d114edbc1bcb5f61cdb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120572
x-xss-protection: 0
server: cafe
etag: 10949832897266431941
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 06:30:06 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/ Frame 660C 10 KB
5 KB 166ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7909474700583821

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 14:50:54 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 14:50:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 146ms
47ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=a3.a3erf.com&callback=_gfp_s_&client=ca-pub-7909474700583821

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7909474700583821&plah=a3.a3erf.com&bust=31071927

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b42a4fe774feecaeb0232427d1c2299bef572cf76ce35335652543bd12e87460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 195ms
69ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=a3.a3erf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 195ms
69ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=a3.a3erf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 595D 503 KB
89 KB 826ms
826ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&adk=1812271804&adf=3025194257&lmt=1675146606&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x540_l%7C188x540_r&format=0x0&url=http%3A%2F%2Fa3.a3erf.com%2F&ea=0&pra=5&wgl=1&dt=1675146606244&bpp=13&bdt=437&idt=243&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6359631033286&frm=20&pv=2&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=269

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da6e35fabdc2063e9a3b14e07c38ec051e5ff90931591f96604a887e06181bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 91219
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:07 GMT
expires: Tue, 31 Jan 2023 06:30:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D018 90 KB
32 KB 1324ms
1324ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=866474670&adf=1949928142&pi=t.aa~a.433145973~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1675146606&rafmt=1&to=qs&pwprc=2234414854&format=1150x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146606257&bpp=1&bdt=450&idt=259&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Li8sNa0A7x&p=http%3A//a3.a3erf.com&dtd=261

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47cfdd259a9a426b9778bd26a531768831f7bff6379f4b7a6ffb1f236d84edd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 33082
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:07 GMT
expires: Tue, 31 Jan 2023 06:30:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250201/ 150 KB
51 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202301250201/reactive_library_fy2021.js?bust=31071927

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f95fcff94e7872bd0a99e0f9b3882073e38763eb69583d12d94255c27a9ae86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52200
x-xss-protection: 0
server: cafe
etag: 4697136873405083983
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
73ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C3%2C4%2C1&c=ca-pub-7909474700583821&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 70ms
69ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=a3.a3erf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 71ms
71ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=a3.a3erf.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8C00 97 KB
34 KB 684ms
684ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1697495260~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=-M&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280&nras=3&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=us5zgUuxJs&p=http%3A//a3.a3erf.com&dtd=9

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e85ad06cb9f47411befa697cab43ea1505932901dad02d1165c6cb0506c50824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35201
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
expires: Tue, 31 Jan 2023 06:30:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 33FE 95 KB
35 KB 503ms
503ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2366d883c61160f8353b12f037006506446066917bc18be52c7fa48398632b13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 35356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:07 GMT
expires: Tue, 31 Jan 2023 06:30:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 86ms
86ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=3&wpc=ca-pub-7909474700583821&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230125_093506&sat=1674959071800&afm=0&as_count=0&d_count=0&ng_count=0&am_count=3&atf_count=1&mdns=0&alldns=0.240&allp=27&fd=(0%2C19%2C4)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=3496&abl=false&rr=n&su=a3.a3erf.com&pvc=3767187551863985&r=0.1&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
71ms Image
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C3%2C4%2C1&c=ca-pub-7909474700583821&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/ Frame 3843 10 KB
4 KB 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 18:54:02 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 18:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/ Frame 842D 10 KB
4 KB 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 18:54:02 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 18:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/ Frame 5349 10 KB
4 KB 67ms
66ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 18:54:02 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 18:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/ Frame 9CC7 10 KB
4 KB 71ms
70ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 18:54:02 GMT
etag: 10353107486223812946
expires: Mon, 13 Feb 2023 18:54:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3843 4 KB
732 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 04:39:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3843 205 B
649 B 117ms
35ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 04:29:18 GMT
x-content-type-options: nosniff
age: 7249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 31 Jan 2024 04:29:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3843 604 B
695 B 118ms
36ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 20:14:17 GMT
x-content-type-options: nosniff
age: 36950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 30 Jan 2024 20:14:17 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/elements/html/ Frame 3843 19 KB
8 KB 115ms
37ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

962b5a0b1058fb793fa137b948d5751e208b016bd67b27f886ba1b888e3ef9c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:39:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28230
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8248
x-xss-protection: 0
server: cafe
etag: 14490807653988091183
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:39:37 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 842D 4 KB
694 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 04:42:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 842D 2 KB
799 B 174ms
110ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 842D 22 KB
9 KB 103ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 842D 3 KB
1 KB 171ms
110ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 842D 18 KB
7 KB 139ms
78ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 842D 157 KB
48 KB 274ms
156ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 842D 33 KB
14 KB 110ms
46ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 05:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 05:31:43 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 5349 2 KB
846 B 143ms
108ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 5349 22 KB
9 KB 79ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 5349 3 KB
1 KB 141ms
109ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 5349 18 KB
7 KB 104ms
73ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5349 157 KB
48 KB 262ms
174ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 5349 33 KB
14 KB 72ms
37ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 05:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 05:31:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9CC7 3 KB
674 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 04:44:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9CC7 2 KB
799 B 126ms
108ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9CC7 0
0 91ms
90ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7YEzbrXYY_DWIoOPiM0PuNKy4Anvg8Shbr_Ir6y_DszHmqb9CBABIMK_lZQBYJXikIKgB6ABsLqh1wPIAQmpAr_Yab8VNLI-qAMByAPLBKoE4AFP0I_p0JRTDeAZc_NGuyn39tMIRzgfIMo2eJArO1Kz2wl8Lb_92UOwGtDdJW42wLiWLhZ0OoIwuK_CgmxH4oPpIb-7sSgXm7GJOMoGE1sm2Pskq3A1Na8p7SKl7Xm_PgL0Z0bz5MW1qHnmaBqZZAJE-A96xxqNEa3RI5Na7sGBR2rc4iOtI8HDhzH5Xm71oLF_j9t3hYZcUX1i6OSQ8OOzYf5I5D0IAvv8wzuhqKtnzMDsBTWxVipZF6rlL8pWNc-g9gGDxKqFtKASAmw0m9wbhrLh2OUPwJrIRHhc6BtwXsAEyZipquADkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQjd4C0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNzkwOTQ3NDcwMDU4MzgyMRgA&sigh=Lu7Y0ebFQT8&uach_m=[UACH]&cid=CAQSGwDUE5ymJT_yg8wapADw9vyZ1QeBCqpqZcj9WxgBIBM&template_id=494

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 06:30:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 9CC7 22 KB
9 KB 100ms
83ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9CC7 3 KB
1 KB 126ms
111ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 9CC7 18 KB
7 KB 104ms
89ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CC7 157 KB
49 KB 178ms
106ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 9CC7 33 KB
14 KB 95ms
76ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 05:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 05:31:43 GMT

GET
H2 200 16289748441678792045_2519254766523884697.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame 9CC7 64 KB
64 KB 219ms
101ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/74695522/16289748441678792045_2519254766523884697.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0941eb45a475433b004b21d09089c2803182f2d31991d60f3faa37311bd382c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 07:59:23 GMT
x-content-type-options: nosniff
age: 253844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65528
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 12:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 28 Jan 2024 07:59:23 GMT

GET
H2 200 8528023933291285008_9186565913604646649.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame 9CC7 89 KB
89 KB 250ms
132ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/74695522/8528023933291285008_9186565913604646649.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 18:45:30 GMT
x-content-type-options: nosniff
age: 474277
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91035
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 12:03:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 18:45:30 GMT

GET
H2 200 3129701539375676827_167768198777420005.jpeg
static.doubleclick.net/dynamic/5/74695522/ Frame 9CC7 83 KB
83 KB 165ms
48ms Image
image/jpeg 2a00:1450:400d:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/74695522/3129701539375676827_167768198777420005.jpeg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e5cea11d89879256ceb7fa6b67d30d98e0357d89a171e21304ffb627aa2c6a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 21:00:45 GMT
x-content-type-options: nosniff
age: 466162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84603
x-xss-protection: 0
last-modified: Wed, 25 Jan 2023 12:03:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 21:00:45 GMT

GET
H2

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame 9CC7
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
9 KB

35ms
35ms

Image
image/png

2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 03:43:28 GMT
x-content-type-options: nosniff
age: 96399
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Jan 2024 03:43:28 GMT

Redirect headers

date: Tue, 31 Jan 2023 05:23:08 GMT
x-content-type-options: nosniff
server: cafe
age: 4019
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 05:23:08 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 8EDF 8 KB
895 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 04:39:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 8EDF 2 KB
799 B 105ms
105ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 8EDF 22 KB
9 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 8EDF 3 KB
1 KB 104ms
103ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 8EDF 18 KB
7 KB 95ms
95ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8EDF 157 KB
48 KB 174ms
125ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 8EDF 33 KB
14 KB 82ms
81ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 05:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 05:31:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AECC 143 B
166 B 52ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 05:32:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9CC7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f4391e63aa844a75bd1dca47a2c8c6bbec78d94ccc7f8c0459bd227bdbdbd4a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AECC
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

321ms
320ms

Document
text/html

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230125/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
expires: Tue, 31 Jan 2023 06:30:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame D018 9 KB
4 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=866474670&adf=1949928142&pi=t.aa~a.433145973~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1675146606&rafmt=1&to=qs&pwprc=2234414854&format=1150x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146606257&bpp=1&bdt=450&idt=259&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Li8sNa0A7x&p=http%3A//a3.a3erf.com&dtd=261

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 01:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 01:48:43 GMT

GET
H2 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame D018 10 KB
4 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 16:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 16:35:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D018 8 KB
895 B 48ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 04:42:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D018 2 KB
765 B 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame D018 22 KB
9 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D018 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame D018 18 KB
7 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29244
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D018 157 KB
48 KB 138ms
137ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame D018 33 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 05:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 05:31:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D018 0
0 104ms
104ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS8ixbrXYY-GbIqGD-wasiJHgCOHhkapg24bJy5AQmPmq9_QKEAEgwr-VlAFgleKQgqAHoAHpnrXgAcgBAakCe-KB-PQisj6oAwHIA8MEqgTrAU_Q1dbfrMtqmaRtzQxOI7end3B-KlY-ncMYwhpGxRevL07kMpnuoZb33hmKWqTSczxgRREgKZva1ujn1v8REj1ooISPBvzXCQIFBHOnrF_7ywaAWi90-BqdTlEspGeDDBQbfnOD2jYDtVAc9xqNUxJ81q1b3un00LS9H9ml_QhDy-tGviAFrGUg-3wHoE2NxWcCkR-zyQxBkZ9L0lcIWE1YHtdMnEY75JwG-c_QkFfAHksyA7foUIFDw1vYer4K_X7lhmRIWaYmFBo337DpH2GfJPPNOaU3TtJOz_wescbJSETQtIfe8U6Dl9vABI-B9-D1A5IFBAgEGAGSBQQIBRgEoAZmgAf_4MqfAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKqZF9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMKiBQB0BUBgBcBshccChoIABIUcHViLTc5MDk0NzQ3MDA1ODM4MjEYAA&sigh=NIX7Gy_SfOU&uach_m=[UACH]&cid=CAQSGwDUE5ymYNDj5Sf5DkgEqRNV139r1hhZc7beExgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=866474670&adf=1949928142&pi=t.aa~a.433145973~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1675146606&rafmt=1&to=qs&pwprc=2234414854&format=1150x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146606257&bpp=1&bdt=450&idt=259&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Li8sNa0A7x&p=http%3A//a3.a3erf.com&dtd=261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 06:30:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD4B 143 B
166 B 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=866474670&adf=1949928142&pi=t.aa~a.433145973~rp.4&w=1150&fwrn=4&fwrnh=100&lmt=1675146606&rafmt=1&to=qs&pwprc=2234414854&format=1150x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146606257&bpp=1&bdt=450&idt=259&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=225&ady=182&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Li8sNa0A7x&p=http%3A//a3.a3erf.com&dtd=261
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3477
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 05:32:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D018 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f35e8425233d6bbed74a3e492460c07befe743ee84af742f326f48b8d73bd961

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 8229fa5a5c3ebd24f3e2eb95db7eba72.js Show response
www.gstatic.com/mysidia/ Frame 33FE 9 KB
4 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8229fa5a5c3ebd24f3e2eb95db7eba72.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 01:48:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 362485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4209
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 27 Apr 2023 01:48:43 GMT

GET
H3 200 9e5698c686bc55900eb7505b234da968.js Show response
www.gstatic.com/mysidia/ Frame 33FE 10 KB
4 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e5698c686bc55900eb7505b234da968.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 16:35:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4467
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 03:52:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 26 Apr 2023 16:35:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 33FE 8 KB
895 B 49ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 04:37:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 33FE 2 KB
765 B 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 33FE 22 KB
9 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 33FE 3 KB
1 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 33FE 18 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 33FE 0
0 46ms
45ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7q9OxDduaDuOXTdgbclEISZX4rJ49JzmRK6NX5ZPLHZFem5HYOFnOIV94B4MokKz2B9E2D-tfD91SYufJOA8jLYwWpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 33FE 157 KB
48 KB 103ms
102ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:08 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 33FE 33 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 05:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 05:31:43 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CD4B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

321ms
321ms

Document
text/html

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
expires: Tue, 31 Jan 2023 06:30:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2491 36 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:10 GMT

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame 11F8 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:10 GMT

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F6B 36 KB
14 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 33FE 0
0 91ms
90ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEx6zb7XYY76eIaSKiM0PhcKJuAXJy-CFboKOv9vaEIbO_5WEGxABIMK_lZQBYJXikIKgB6AB0cfoiQPIAQGpAr_Yab8VNLI-qAMByAPDBKoE3QFP0BieN7VWnnvNMlOVQ-mRdfmvfHcrmsS8zoiW-EVARGvUN6RUtXoF6IsnS0atutdyHTKPaB_nPulqGa-ToyGjOn_UtM-afVesVqgHfsp-tSnPZLNlLY9hHG1mnigEsUy9WWIDLOlhTFMAGc5T0IhsmhEysl96BlkIKUynAW_vHU2LCAARXQ3TR6MgJsY3KHE1QPX5KbAWzKOjy7J-I0AaWyRdF7B8T4Wrg_QaZV5YxJZsyDjcJELYgzrtxCx3S_W5Q_gNt8bJSZSzcSM3V4FNnPTyNubpHMTn3aYXx8AEmczAhbMCkgUECAQYAZIFBAgFGASgBmaAB5e4l3aoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCm7AvSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03OTA5NDc0NzAwNTgzODIxGAA&sigh=Lk6D91C1xrs&uach_m=[UACH]&cid=CAQSPADUE5ymJrDcSfmrIdAZy3q1hMlndLbOcFqBQmtBrAPeNu3N1tuFgryqPIvmmFVobc6UFr6Ylq_0RdDZphgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 06:30:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C07E 143 B
166 B 47ms
46ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3478
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 05:32:10 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame AADE 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:10:18 GMT
etag: 48472445140208031
expires: Tue, 31 Jan 2023 12:10:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame D018 28 KB
28 KB 39ms
37ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 134751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:04:17 GMT

GET
DATA 200
OK truncated
/ Frame 33FE 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d83f096eeb619cb1344d1c7fea82732489895022646be23eced095137740b16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 8C00 8 KB
895 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1697495260~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=-M&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280&nras=3&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=us5zgUuxJs&p=http%3A//a3.a3erf.com&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 31 Jan 2023 06:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 04:42:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Jan 2023 06:30:08 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 8C00 2 KB
765 B 46ms
43ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 21:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33848
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 21:06:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/ Frame 8C00 22 KB
9 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:33:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8871
x-xss-protection: 0
server: cafe
etag: 9510037503091481574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:33:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 8C00 3 KB
1 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/ Frame 8C00 18 KB
7 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230125/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 22:22:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7523
x-xss-protection: 0
server: cafe
etag: 641023367890010850
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 13 Feb 2023 22:22:43 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8C00 0
0 47ms
43ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3YHJR9CfmgDtRhes7nU7DF9IT0GOPQ3kp9J_sSz-w39U70w6NRr3-k-kiio4Tm0pTqZK2_HItq3J_sttCTL_P8OztGw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1697495260~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=-M&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280&nras=3&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=us5zgUuxJs&p=http%3A//a3.a3erf.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C00 157 KB
48 KB 99ms
95ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49075
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1675083396089714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:08 GMT

GET
H3 200 8aec859a266e19fb42fee7f82edeac28.js Show response
www.gstatic.com/mysidia/ Frame 8C00 33 KB
14 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8aec859a266e19fb42fee7f82edeac28.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 05:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 262705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14079
x-xss-protection: 0
last-modified: Fri, 27 Jan 2023 00:31:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 28 Apr 2023 05:31:43 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8C00 0
0 89ms
87ms Fetch
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ32Bb7XYY8KlIJaczAb306nIAq-2yJxa6Kz0kp8Qvor_gNQCEAEgwr-VlAFgleKQgqAHoAHdsY7LAsgBCagDAcgDywSqBN4BT9CBoRaDh1iM0YBTxUpBQ6lq7dIbKTMC8vOgcnDGDaOE_t0UsuxT707nGtx5fffWZc-4erF7ZFf9xPoX5sZzdFvbYT9fHGcg6nBgKXfs8TW02kG9Rq-1887ZlTTTmM5-VH2K9KeD5uAESQIJFM8HjzZzOIuu8-Jh4QzHcAB98jTPdS4ntP7ATHbcF76Y4BPH83gztBWgGMlyzlqxgNbCJwsL8GGkL-swmqiwLYFm1Lyn8bach2ADK9TOqX36i_ZeKd0GIoRkN9T9sXIQg7gDeefaroOzYUgtFA6oJKXmwATu19y2vAKSBQQIBBgBkgUECAUYBKAGLoAHi87xtAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDxhgjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03OTA5NDc0NzAwNTgzODIxGAA&sigh=veeJdI1i_gw&uach_m=[UACH]&cid=CAQSPADUE5ymLpPRtJF4oooFXlsFYeVkZVrq9VmdJF_SOZHYzjRpnfhdBBnc3FRDcV-JTbOLHamdDLI2uGDdZRgBIBM&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1697495260~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=-M&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280&nras=3&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=us5zgUuxJs&p=http%3A//a3.a3erf.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 31 Jan 2023 06:30:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13571001074246120263/ Frame 8C00 40 KB
40 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13571001074246120263/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f11e4c1a4e4d20870c8c10619144575b07e831360c47dceaf4ea631da8dba8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:22:24 GMT
x-content-type-options: nosniff
age: 464
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41240
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 05:05:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 31 Jan 2024 06:22:24 GMT

GET
DATA 200
OK truncated
/ Frame 8C00 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8C00 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame AADE
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEAJzNAXSNdhoTAHpXftJA8I&google_cver=1&google_push=Aa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4U...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAJzNAXSNdhoTAHpXftJA8I&google_cver=1&google_push=Aa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b...

43 B
408 B

176ms
158ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAJzNAXSNdhoTAHpXftJA8I&google_cver=1&google_push=Aa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 792065a01b8f9bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2355
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEAJzNAXSNdhoTAHpXftJA8I&google_cver=1&google_push=Aa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_Mf4LuOdjjYskpsia6mwrf_HZ8du963qHiDx3phbwyfx7lVlo7wU8kEhoBF776jbWHKGZdYRQ9Dcy4lmTLi_jrsONvz_b4UQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7920659ec97c9bb0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AADE
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENydwGCQwxgR4i51_3LXcXQ&google_push=Aa02lx9pvmzRRsMEGBC3K-349BzZvmyMi-Vt1nsNvQyFtTTv7Bi2tgKXnL...

170 B
232 B

96ms
92ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENydwGCQwxgR4i51_3LXcXQ&google_push=Aa02lx9pvmzRRsMEGBC3K-349BzZvmyMi-Vt1nsNvQyFtTTv7Bi2tgKXnL9UG-VrVf8CUgBtBWN8XUHFZCgnT-l-_twhlStvrK_Qrw

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220097-HHN
pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1675146608.441848,VS0,VE183
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENydwGCQwxgR4i51_3LXcXQ&google_push=Aa02lx9pvmzRRsMEGBC3K-349BzZvmyMi-Vt1nsNvQyFtTTv7Bi2tgKXnL9UG-VrVf8CUgBtBWN8XUHFZCgnT-l-_twhlStvrK_Qrw
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2 451 466606.gif
id.rlcdn.com/ Frame AADE 0
98 B 85ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8j0pwEUUv5M_cTHMvrJkpe0gojPrCIFacbzXwXOjnwg1wylpQiFHw-bWUjcSoMMF3QQqBa2HMNV_YBY2stTRXFkheDptAEcwY&google_gid=CAESELZ56anGVhHrvOg3WNEvMlE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AADE
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPs_S82rU5LMveS91O4yBoo&google_cver=1&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj8s0bqn...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEPs_S82rU5LMveS91O4yBoo&google_cver=1&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=e1776874-5349-44c1-bd52-41e8983e51f3
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=e1776874-5349-44c1-bd52-41e8983e51f3
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3b10442f-7df4-44c0-8520-be0311322f53&user_group=1&ssp=google&bsw_param=e1776874-5349-44c1-bd52-41e8983e51f3
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj8s0bqnQDYBruYohPA&google_hm=4XdodFNJRMG9UkHomD5R...

170 B
188 B

71ms
70ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj8s0bqnQDYBruYohPA&google_hm=4XdodFNJRMG9UkHomD5R8w==

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9agZ4-Itxle46cqLeZoNODk6EAXZ9Szao1qOjUh5CV6fqh4Za7X7Ip9q0DMfN9V57D4FGb0aqkiyVEGj8s0bqnQDYBruYohPA&google_hm=4XdodFNJRMG9UkHomD5R8w==
date: Tue, 31 Jan 2023 06:30:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AADE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEMqW4IAS8ZYaoX4gMfNJUxo&google_cver=1&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnYzAPNK...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEMqW4IAS8ZYaoX4gMfNJUxo&google_cver=1&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnY...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNDIwNDk4NjM5ODMwODc3NQ&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnYzAP...

170 B
232 B

93ms
92ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNDIwNDk4NjM5ODMwODc3NQ&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnYzAPNKkF_7NLQGUztMzvgd00bVLgk

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwNDIwNDk4NjM5ODMwODc3NQ&google_push=Aa02lx-jtyhLzkU5gCVY2djIO1W_eQrbEOyZsE9aKiu3HmC2lDIb4VewwFjBueadlSbqY1LxjnYzAPNKkF_7NLQGUztMzvgd00bVLgk
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AADE
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEJUJkOzs5Fdz0b3olp-XgkU&google_cver=1&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO3SXj8xD...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEJUJkOzs5Fdz0b3olp-XgkU&google_cver=1&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO3...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ARy6rc8-SSyfeLRjfBvtfw&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO...

170 B
232 B

134ms
94ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ARy6rc8-SSyfeLRjfBvtfw&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO3SXj8xDdcKxRgjQ

Requested by

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ARy6rc8-SSyfeLRjfBvtfw&google_push=Aa02lx9F_Q3Y7678OfQDxbUP4pQcdNG1iMp6eynqLNnXCLBnNmUo7lre_IFdR-Tdw280bcIidSyPlizpL7x36CO3SXj8xDdcKxRgjQ
access-control-allow-origin: *
date: Tue, 31 Jan 2023 06:30:08 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame AADE 0
44 B 171ms
17ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDa3hVLBEVSIBlZvShQyJrQ&google_cver=1&google_push=Aa02lx8RKloGCrDCFN7IqowGLxO8OTpMppy5_sNyvjnXEHUDonzHKO_yU1f4ftxqO54ie7sa-r7L7FdCAKQGXN49Bvn0Mj21gIzYdw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3375793728&adf=3109382988&pi=t.aa~a.1574040237~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=1&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280%2C1200x280&nras=4&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=3034&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=TAKKL51qpw&p=http%3A//a3.a3erf.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame AADE 0
130 B 241ms
89ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IVv-nbnN4bHk7KgEjKy-AIgbAu_noIKHYWY075_iSeXTh92fukzsomDLUQZTNURV4hZRv3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 942A 1 KB
643 B 39ms
38ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 65990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 12:10:18 GMT
etag: 48472445140208031
expires: Tue, 31 Jan 2023 12:10:18 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C00 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8663d626ab5a28b1185ea1fcf9bcc24b7c7e57f58c49a9069a5b6aecb835e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C07E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

94ms
94ms

Document
text/html

2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
expires: Tue, 31 Jan 2023 06:30:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8C00 28 KB
28 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 134751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:04:17 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 33FE 28 KB
28 KB 39ms
38ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:04:17 GMT
x-content-type-options: nosniff
age: 134751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 17:04:17 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 942A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGBM0ZaQj1-HrzoU6Z2lAw0&google_cver=1&google_push=Aa02lx-LSSPBvEdfPpUQeTnL2duGBsLpg8ccyTMMuuc0NY3m_k1s1ewWRIB_Ts3UZ8sFNpjgydZqJgCtqv07z8s5...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-LSSPBvEdfPpUQeTnL2duGBsLpg8ccyTMMuuc0NY3m_k1s1ewWRIB_Ts3UZ8sFNpjgydZqJgCtqv07z8s5R2bEyB7r18famdY

170 B
232 B

72ms
72ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-LSSPBvEdfPpUQeTnL2duGBsLpg8ccyTMMuuc0NY3m_k1s1ewWRIB_Ts3UZ8sFNpjgydZqJgCtqv07z8s5R2bEyB7r18famdY

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 31 Jan 2023 06:30:08 GMT
Server: MT3 404 ce67235 master zrh-pixel-x5 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-LSSPBvEdfPpUQeTnL2duGBsLpg8ccyTMMuuc0NY3m_k1s1ewWRIB_Ts3UZ8sFNpjgydZqJgCtqv07z8s5R2bEyB7r18famdY
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 31 Jan 2023 06:30:07 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 942A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEACh_No3pndjTvSHTbizQ-w&google_cver=1&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSBD7HGK...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEACh_No3pndjTvSHTbizQ-w&google_cver=1&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSB...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyNTQ3NzIxNDg1MDcyNA&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSBD7H...

170 B
232 B

89ms
88ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyNTQ3NzIxNDg1MDcyNA&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSBD7HGKeyD8G_oXCQEWFNNYThisxg

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Njk4NjUyNTQ3NzIxNDg1MDcyNA&google_push=Aa02lx88qtYWHBYhHPXPHgtFXlf5Zvx2Gl12vii6cCLG9ktsytUOcjctPGRYhFasNhL0DxctfSBD7HGKeyD8G_oXCQEWFNNYThisxg
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 942A
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEDEWAtGz3ah5bXlU13u_TE0&google_cver=1&google_push=Aa02lx9SmKKsjukS4pOpWyfO_pqQ4AeylsS5wS3nGGd_Qr8V3dEhaRF8uZZlmXRfLh8XISscWG9yazNibygE1XMs...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9SmKKsjukS4pOpWyfO_pqQ4AeylsS5wS3nGGd_Qr8V3dEhaRF8uZZlmXRfLh8XISscWG9yazNibygE1XMsMRCdNubbvzW_onU

170 B
232 B

126ms
96ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9SmKKsjukS4pOpWyfO_pqQ4AeylsS5wS3nGGd_Qr8V3dEhaRF8uZZlmXRfLh8XISscWG9yazNibygE1XMsMRCdNubbvzW_onU

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 31 Jan 2023 06:30:08 GMT
via: 1.1 ffdf2668ac264ec6d8784ccc7453073c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P5
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx9SmKKsjukS4pOpWyfO_pqQ4AeylsS5wS3nGGd_Qr8V3dEhaRF8uZZlmXRfLh8XISscWG9yazNibygE1XMsMRCdNubbvzW_onU
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: 7CCYnsF-YjSaEY77Y7yQwbD1Lfcl_VJCyipaUyUHhUKJNbcq8dyF0Q==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 942A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-1c0c9864-270b-4507-b484-a5a85dea53c9-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_RJJ1GkUTp9DHxvEgmI...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg&google_hm=AxwMmGQnC0UHtISlqF3qU8k

170 B
232 B

79ms
78ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg&google_hm=AxwMmGQnC0UHtISlqF3qU8k

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_RJJ1GkUTp9DHxvEgmI_Zn7_molNgBYgCXUEIhP7EjLPUuTz0U-MIdYO0D_1E_s0Y5xk_xS4XtnNfjecSZo6erUoq5Lc_ijg&google_hm=AxwMmGQnC0UHtISlqF3qU8k
date: Tue, 31 Jan 2023 06:30:08 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX1c0c9864270b4507b484a5a85dea53c9003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 942A
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPpPmN5k5OVTlQUni1EBiaA&google_cver=1&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fuuLTfKB90hr7_2X_AjrBBefxzNOyIFpL6sT9E0QzpQ2...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fuuLTfKB90hr7_2X_AjrBBefxzNOyIFpL6sT9E0QzpQ2n...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4OTE5NDUxNzgwODg1OTYyNTAwNg%3D%3D&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fu...

170 B
232 B

133ms
97ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4OTE5NDUxNzgwODg1OTYyNTAwNg%3D%3D&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fuuLTfKB90hr7_2X_AjrBBefxzNOyIFpL6sT9E0QzpQ2nk9A

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTQ4OTE5NDUxNzgwODg1OTYyNTAwNg%3D%3D&google_push=Aa02lx-qJkTwc0IjIXcoq7jUhj5zM43b55h3pagv1coWoyGWQJBiH5fuuLTfKB90hr7_2X_AjrBBefxzNOyIFpL6sT9E0QzpQ2nk9A
date: Tue, 31 Jan 2023 06:30:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 942A 0
45 B 120ms
17ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEDolvc3l5Rczy9cgiMI5Vcs&google_cver=1&google_push=Aa02lx9T0bjqfabckjpwh2nNmY7t24RMyNEqIoY3MrZNCA-UsKL-p4oStmmNpQlLRYWSQmjkHSxL0m9zLkeK6XejFJvnq2ml3Q1Qy3g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7909474700583821&output=html&h=280&adk=3088186576&adf=1706824535&pi=t.aa~a.1697495260~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1675146607&rafmt=1&to=qs&pwprc=2234414854&format=1200x280&url=http%3A%2F%2Fa3.a3erf.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1675146607477&bpp=1&bdt=1669&idt=-M&shv=r20230125&mjsv=m202301250201&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dd9d07d0e05288ba2-22a2d4c27bdb00c0%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg&gpic=UID%3D0000099948bdf7a6%3AT%3D1675146606%3ART%3D1675146606%3AS%3DALNI_MannawUGVH_sZv_3uATujNHK8EdSQ&prev_fmts=0x0%2C1150x280&nras=3&correlator=6359631033286&frm=20&pv=1&ga_vid=961463959.1675146607&ga_sid=1675146607&ga_hid=535878897&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=2744&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071789%2C31071927%2C44779793&oid=2&pvsid=3767187551863985&tmod=2143684316&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=us5zgUuxJs&p=http%3A//a3.a3erf.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 942A
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEBROBOqgdXgy4ZtZRR4w8k0&google_cver=1&google_push=Aa02lx-46_JdD9sXp...
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEBROBOqgdXgy4ZtZRR4w8k0%26goo...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTQ3NjE0ODgyMjg4ODIwNDMxMQ%3D%3D&google_gid=CAESEBROBOqgdXgy4ZtZRR4w8k0&google_cver=1&google_push=Aa02lx-46_JdD9sXpITWYnwRd2mj-xMws9...

170 B
329 B

98ms
93ms

Image
image/png

142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTQ3NjE0ODgyMjg4ODIwNDMxMQ%3D%3D&google_gid=CAESEBROBOqgdXgy4ZtZRR4w8k0&google_cver=1&google_push=Aa02lx-46_JdD9sXpITWYnwRd2mj-xMws9E4jSMlSujlWiJSyJFco61k2XMpf0DkcpVJ57wdaG182Y7wiCBrqK_anPZ10MDGkOrYXryd

Requested by

Host: a3.a3erf.com
URL: http://a3.a3erf.com/

Protocol

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 31 Jan 2023 06:30:08 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: dac7f2a4-c692-4e22-b1a8-98bf8a4b5023
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MTQ3NjE0ODgyMjg4ODIwNDMxMQ%3D%3D&google_gid=CAESEBROBOqgdXgy4ZtZRR4w8k0&google_cver=1&google_push=Aa02lx-46_JdD9sXpITWYnwRd2mj-xMws9E4jSMlSujlWiJSyJFco61k2XMpf0DkcpVJ57wdaG182Y7wiCBrqK_anPZ10MDGkOrYXryd
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 942A 0
49 B 191ms
90ms Image
text/html 142.251.208.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbHlGxTDbh96-x7JEFAQIAfIAZK5Yz1wX5NkmIsqRUF9tSTxbwjNRQQc2wjlWNhPpkJWxTzA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s41-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame F8A1 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 55ms
54ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230125&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c38096e22f24439cee93e129b8f4b817aeb588b78be916a79369fb810b8caf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11361
x-xss-protection: 0

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame C9CE 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:10 GMT

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame 7074 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:10 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 06:30:08 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CE0C 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30086
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 22:08:42 GMT
expires: Tue, 30 Jan 2024 22:08:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 10CF 783 B
536 B 47ms
47ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

aea4dfcb16ed34c065c5a753bd7aa1221c64a78027044ffc9ee8de5f71a9175a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VciE5pxbhUZbMBPNLPXQAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://a3.a3erf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-VciE5pxbhUZbMBPNLPXQAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 31 Jan 2023 06:30:08 GMT
expires: Tue, 31 Jan 2023 06:30:08 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js Show response
pagead2.googlesyndication.com/bg/ Frame CE0C 36 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1Uo-GdYM8jmzkTe9Iw9agpx9XEOhCewo_y8ZrL7aHhw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 20:21:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 468538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14301
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Jan 2024 20:21:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 10CF 0
0 73ms
72ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230125&jk=3767187551863985&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CE0C 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Tf7DYQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 06:30:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CC7 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMVavi6ooT0gFDFz4CfndMT9c69D7lWThTkVuhV49AgmFn1npsh0DtL-_x6-m8UHZ1huGC7sv_Ua95Og_FLhqdTMJpaG7MIaMTAX9T80vN9H1p-tYnOmsyrVWJVBEMIfTpoXKYiQ&sai=AMfl-YTBTUJ1HbojwLa6QIioSqk6hxFYlwN6bnjXT__DileRpVMoEK7YbnOkdnYtQagur-hBEI829A7NOTPdeG0&sig=Cg0ArKJSzFKKkyYdC0ilEAE&cid=CAQSGwDUE5ymJT_yg8wapADw9vyZ1QeBCqpqZcj9WxgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=249,926,1000,1000,1000&tos=249,677,74,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1675146607554&rpt=546&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230125&jk=3767187551863985&bg=!yMuly4_NAAbFy4Ck5cs7ACkAdvg8WoHP9cpEmS1QO4ER6rBzWF_ipfwEI5AnEPRP48BhLZARqY1ewQIAAABEUgAAAAJoAQcKANYLxOgqqA1NJi8AJQAujaRPXFVfIzweQmQCXxQVEkNEcbw724TLrlTXzQoOTF_Uo8aRRBL-wGWLhZclSP0fdr844YoY44vSERr9wzyrXIh6CN4Um2unaRPn-0vvo8LlXxoRJHHYauFa0eQmsunNbilp6lsV1mN1feJq9vthp3Je8K7j5Rfvsi0amfi6PDHN87S38vEzmxJvjeM40RMFGGb93eoNYsGH87SrHA_zb3cpDYZTyuzF3WDL4c3kH7PyplTjUL3SN_mDHQHS2_GmSL2YzabltN4jmQKgCMDwWYddZ8BeoTl0gVIAuq-eeq_2jWqQPF35wTNS3-3yGU6HTs4tioiFTmaF92iJEyBT3GwP0796arAhMeogkraHFsLdqNRrZCUxronIPA9FleSCc0P6fd5YOob2WUc7Z9lAairxz5aNChcT0wSo3Da2YYoiK565bDWq5w7ToTAqjsZpZSTyrp0ymM6uPTfxJlCB5IUZe99efy1pMopulXysUUMnWjGoF8pmsyGSQ5SpGfkRuv4ESpqKjMKF9CDKGcQV0rrIsXYcNmzRtPzHZvX--OHJnErQLSkGtSIWjUJHw7U2yYix5X0dtbtueJqvsexPZbHXzrDCAGztZnibRUgcVhM3G_lDtyZSc7hngQIy-0PEcIQdCqnp5MeGhjgVjhZCVyLYHBNarffewxV_cAH8OLAfW7nF8uJ4Svq04qyroUUb3t4CvW1brg0O06ihAAkEdNdP-NK_p90ESEri3ULa-i_oSzpFR3l1a8onqyXHs-jAq_Nr8JEaWWuGWbqm6greZ0He0sUo0aDT-hCWAe_RFKq01xkdFLWvFvvXhWIfx9pP_g0OEpxr8N-YzDzEr-85VhI5dOHffKNo5T4VnaYB7WMhH1xEenYg2qaiEyNBjVfYknxxkgnbDAYAVYSCSzQF1tRJXhJlSqxilxgbEU1p3CRXcGOBmqHS9zHsqYRbvtp_G3C8J2msnt--98qMS81fqtlPxLcANOek5pCipiJx8Msqs6pQjbUXgAxUyHxFAArUGCsvjzmbfOVRVfBEo-uDiVgPfVpuyf3m2yqQlPbhAPDj4XDxGxb2JJkSpU5rNdGYa2iPMTvd_4u1biEKUiF_ShdVgQ25aYXoFgwk7uW0pFpJC7aTiqkFLixGNWfK1xL-FM9DvbbN4E8xYQun
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://a3.a3erf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D018 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstP5FziYhCVieiFeA7SlpjJS5zXD8-lZ7IP2AutqknkV47scbcxvD-aOU9zpT0sfbSZgVnYc8uV2ftQ5MeiabRjNjadLfeH8uqV1oi8krrNGFtpDvoSAK93pcUFjVKZv9pJvjn_LA&sai=AMfl-YR5ZVogKYG3nAN7TBpQcSpwUJb5Rx04PEJiCI7nwwUdR7vDaYcUV1gFkfxMFuW2boGPwM8DrIzKk36lI0c&sig=Cg0ArKJSzORDNCfVhIEOEAE&cid=CAQSGwDUE5ymYNDj5Sf5DkgEqRNV139r1hhZc7beExgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1150&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=866474670&rs=2&la=1&cr=0&vs=4&r=v&rst=1675146606519&rpt=2124&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 31 Jan 2023 06:30:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a3erf.com/	1970-01-20 18:40:42	Name: __gads Value: ID=d9d07d0e05288ba2-22a2d4c27bdb00c0:T=1675146606:RT=1675146606:S=ALNI_Mb2QYVxdfH-Z9WzUo8baZAqUa3ubg
.a3erf.com/	1970-01-20 18:40:42	Name: __gpi Value: UID=0000099948bdf7a6:T=1675146606:RT=1675146606:S=ALNI_MannawUGVH_sZv_3uATujNHK8EdSQ
.doubleclick.net/	1970-01-20 18:40:42	Name: IDE Value: AHWqTUkQ2UlcyPJwSWUYxasjNIwyeplk7ZqeaBeLjIjNNRp7A5zmK2qsO2V6NLkyGVk
.360yield.com/	1970-01-20 11:28:42	Name: tuuid Value: 011cbaad-cf3e-492c-9f78-b4637c1bed7f
.360yield.com/	1970-01-20 11:28:42	Name: tuuid_lu Value: 1675146608
.3lift.com/	1970-01-20 11:28:42	Name: tluid Value: 1489194517808859625006
.adnxs.com/	1970-01-20 11:28:42	Name: uuid2 Value: 1476148822888204311
.bidswitch.net/	1970-01-20 18:04:42	Name: tuuid Value: e1776874-5349-44c1-bd52-41e8983e51f3
.bidswitch.net/	1970-01-20 18:04:42	Name: c Value: 1675146608
.bidswitch.net/	1970-01-20 18:04:42	Name: tuuid_lu Value: 1675146608
.adform.net/	1970-01-20 09:59:25	Name: C Value: 1
.1rx.io/	1970-01-20 18:04:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1c0c9864-270b-4507-b484-a5a85dea53c9-003%22%7D
.adform.net/	1970-01-20 10:45:30	Name: uid Value: 5404204986398308775
.mathtag.com/	1970-01-20 18:45:01	Name: uuid Value: 1a7163d8-b571-4b00-90f4-4d62c4400ce5
.mathtag.com/	1970-01-20 10:02:18	Name: mt_mop Value: 4:1675146609
.doubleclick.net/	1970-01-20 09:19:10	Name: DSID Value: NO_DATA
.targeting.unrulymedia.com/	1970-01-20 18:04:42	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-1c0c9864-270b-4507-b484-a5a85dea53c9-003%22%7D
.everesttech.net/	1970-01-20 18:04:42	Name: everest_g_v2 Value: g_surferid~Y9i1cAADfGU8kwAh
pool.admedo.com/	1970-01-20 18:04:42	Name: tuuid Value: 3b10442f-7df4-44c0-8520-be0311322f53
pool.admedo.com/	1970-01-20 18:04:42	Name: c Value: 1675146608
pool.admedo.com/	1970-01-20 18:04:42	Name: tuuid_lu Value: 1675146608
.tribalfusion.com/	1970-01-20 11:28:42	Name: ANON_ID Value: ainseFt3er76AxvPAB95x5W43MJh2TL1AcsWqo4VntaXypsNNn2sKZaJ0rGZdoiLokacW0ZaGNWHb0uMPJsvdXs

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a3.a3erf.com/wp-content/uploads/2021/10/%D8%AD%D8%B3%D8%A7%D8%A8-%D8%AC%D9%88%D8%AC%D9%84-3-210x136.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://a3.a3erf.com/wp-content/uploads/2021/10/%D8%AA%D8%AD%D9%85%D9%8A%D9%84-%D9%88%D8%AA%D8%AB%D8%A8%D9%8A%D8%AA-%D9%88%D9%8A%D9%86%D8%AF%D9%88%D8%B2-11-1-210x136.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://a3.a3erf.com/wp-content/uploads/2021/10/%D8%AD%D8%B3%D8%A7%D8%A8-%D9%81%D9%8A%D8%B3%D8%A8%D9%88%D9%83-1-210x136.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAa02lx8j0pwEUUv5M_cTHMvrJkpe0gojPrCIFacbzXwXOjnwg1wylpQiFHw-bWUjcSoMMF3QQqBa2HMNV_YBY2stTRXFkheDptAEcwY&google_gid=CAESELZ56anGVhHrvOg3WNEvMlE&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a3.a3erf.com
a3erf.com
adservice.google.com
adservice.google.de
c1.adform.net
cm.g.doubleclick.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id.rlcdn.com
match.360yield.com
pagead2.googlesyndication.com
partner.googleadservices.com
pool.admedo.com
s.ad.smaato.net
s.tribalfusion.com
secure.adnxs.com
ssbsync.smartadserver.com
static.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
13.248.245.213
142.251.208.98
151.101.130.49
18.196.150.104
185.29.132.245
185.86.139.93
185.89.210.212
213.19.147.44
2600:9000:223f:6800:1b:5138:8a40:93a1
2606:4700:3033::6815:4f2b
2606:4700:3037::ac43:8ded
2606:4700::6812:18ad
2a00:1450:4001:800::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2003
2a00:1450:400d:802::2002
2a00:1450:400d:802::2006
2a00:1450:400d:807::2002
2a00:1450:400d:80d::2002
35.210.53.219
35.244.174.68
37.157.5.141
52.57.33.86
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05d33bce3fc1753bcb9f94f51a7536cb621411492720236a663a7d28e2731359
0605693b886b3c0a448296cbe722641e3685d83b1ac0d114edbc1bcb5f61cdb6
076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9
07970172ef078d9a58aa9ed9e9b54dd1cfbfec021be21b0d0fc7484c5fd5a58a
0941eb45a475433b004b21d09089c2803182f2d31991d60f3faa37311bd382c4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f1efaaac110c6b7b9b9a6d3224c0c9e169bd6a77049fef0d3e30c479659882c
1033d1f928bf0216a0c0473cac6da086ca3b525be551b96e2e53c0e63399a6ec
158d215666b3cec1bed39f25d4c0bc5b48ca549352c8162f9dab1e412e5caaea
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
2366d883c61160f8353b12f037006506446066917bc18be52c7fa48398632b13
2827a1ea71fab1573db0cbc5f6866c39dd318b526df2bb683eddc2cad2eeee72
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f4391e63aa844a75bd1dca47a2c8c6bbec78d94ccc7f8c0459bd227bdbdbd4a
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35e8663d626ab5a28b1185ea1fcf9bcc24b7c7e57f58c49a9069a5b6aecb835e
3d83f096eeb619cb1344d1c7fea82732489895022646be23eced095137740b16
3f11e4c1a4e4d20870c8c10619144575b07e831360c47dceaf4ea631da8dba8c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
47cfdd259a9a426b9778bd26a531768831f7bff6379f4b7a6ffb1f236d84edd3
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e5cea11d89879256ceb7fa6b67d30d98e0357d89a171e21304ffb627aa2c6a4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61abc4682c2f4636b1619f45b4941ddcbf41ff8c467e49380641f4cafc3132d4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
656a08766471b98fc8b56c5720ceef43bc20f237789a0b636960577121976d39
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
682b9a643ebc5c5b7f54f802fe82d4d9117b6cdff3479110b81afdccfd6148c2
68eaf8ac60d0942a6bcee0b4538d7d50ebe41bd26e332550d05d8b9d37fa16e4
6b597bf422617af67b2ffe3e420f0fd2d9a01a3b95020e368c57b2a131151158
6f95fcff94e7872bd0a99e0f9b3882073e38763eb69583d12d94255c27a9ae86
71741a6859dfb711303d83a20f2f45faecd31f9dfe37d8849dd029457f0e2edd
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
90fef9d0acae0cc250d08d7b98da896c6c0dc6bb33999ffce7819fad76e5ff02
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
962b5a0b1058fb793fa137b948d5751e208b016bd67b27f886ba1b888e3ef9c9
98a03cded6a2bd3976ad215e9f51af528f6be61edf3666ea4656e35a87f13687
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a402898a85d2a7c7fe6f7f182ebd8a89bb0d71af64b59a1bdd86a2831b5bbb68
a482b87b1055665d77c94492bf4739724380d45b00083575738386b2c7ee9d80
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
aea4dfcb16ed34c065c5a753bd7aa1221c64a78027044ffc9ee8de5f71a9175a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3df0aabb8e023fd77439bcdca47ae391bb21bd31458d102ee6e93b3fdba8438
b42a4fe774feecaeb0232427d1c2299bef572cf76ce35335652543bd12e87460
ba0c64f791270fde6dbc9212020a73600f5cad70def3c7bca4bfb725c38e1521
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c38096e22f24439cee93e129b8f4b817aeb588b78be916a79369fb810b8caf48
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c6e3fbb7605b3e090d7e156c449a305a472f725335d861c94d6237ad49966f21
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d54a3e19d60cf239b39137bd230f5a829c7d5c43a109ec28ff2f19acbeda1e1c
d6be6985f0e1cb05ef87c81102a3c1de6a4074912b8bc83e90a0bf75a1ce90f4
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da6e35fabdc2063e9a3b14e07c38ec051e5ff90931591f96604a887e06181bd4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e85ad06cb9f47411befa697cab43ea1505932901dad02d1165c6cb0506c50824
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
f35e8425233d6bbed74a3e492460c07befe743ee84af742f326f48b8d73bd961
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

a3.a3erf.com Open in urlscan Pro 2606:4700:3033::6815:4f2b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

161 Requests

79 %HTTPS

56 %IPv6

23 Domains

30 Subdomains

18 IPs

7 Countries

2563 kBTransfer

6152 kBSize

22 Cookies

5 Outgoing links

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

a3.a3erf.com Open in urlscan Pro
2606:4700:3033::6815:4f2b Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

79 %
HTTPS

56 %
IPv6

23
Domains

30
Subdomains

18
IPs

7
Countries

2563 kB
Transfer

6152 kB
Size

22
Cookies

161 HTTP transactions
7 data transactions