www.croxyproxy.com Open in urlscan Pro
64.227.120.231 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.croxyproxy.com/
Effective URL:
https://www.croxyproxy.com/
Submission: On July 19 via manual (July 19th 2022, 8:04:14 pm UTC) from MX — Scanned from DE

Summary HTTP 147 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 21 domains to perform 147 HTTP transactions. The main IP is 64.227.120.231, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is www.croxyproxy.com. The Cisco Umbrella rank of the primary domain is 204034.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on June 13th 2022. Valid for: 3 months.

This is the only time www.croxyproxy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	64.227.120.231 64.227.120.231	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:303... 2606:4700:3031::6815:5aa7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
4	2600:9000:231... 2600:9000:2315:a600:19:d208:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
5	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0d::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223f:1600:11:af01:b40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.215.89 143.204.215.89	16509 (AMAZON-02) (AMAZON-02)
2 4	13.32.99.27 13.32.99.27	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4 4	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2	13.32.99.15 13.32.99.15	16509 (AMAZON-02) (AMAZON-02)
27	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4006:808::2003	15169 (GOOGLE) (GOOGLE)
1	173.194.76.154 173.194.76.154	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:63::8	15169 (GOOGLE) (GOOGLE)
3	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
147	34

2 64.227.120.231 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

www.croxyproxy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3031::6815:5aa7 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.croxyproxy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.blockaway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2315:a600:19:d208:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:1600:11:af01:b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-89.fra53.r.cloudfront.net

visitanalytics.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.99.27 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-27.fra60.r.cloudfront.net

cdw-dcl.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.246 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-15.fra60.r.cloudfront.net

audex.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4006:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.194.76.154 (United States)

ASN15169 (GOOGLE, US)
PTR: ws-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:63::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r3---sn-4g5e6nsr.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 128 tpc.googlesyndication.com — Cisco Umbrella Rank: 166 ade.googlesyndication.com — Cisco Umbrella Rank: 283	644 KB
28	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 stats.g.doubleclick.net — Cisco Umbrella Rank: 138 cm.g.doubleclick.net — Cisco Umbrella Rank: 223 bid.g.doubleclick.net — Cisco Umbrella Rank: 523 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	159 KB
13	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	113 KB
12	userreport.com 2 redirects cdn.userreport.com — Cisco Umbrella Rank: 30125 tag.userreport.com — Cisco Umbrella Rank: 20402 visitanalytics.userreport.com — Cisco Umbrella Rank: 16537 cdw-dcl.userreport.com — Cisco Umbrella Rank: 35342 audex.userreport.com — Cisco Umbrella Rank: 3687	90 KB
7	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 103 www.google.com — Cisco Umbrella Rank: 17	2 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 720 syndication.twitter.com — Cisco Umbrella Rank: 967	152 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 imasdk.googleapis.com — Cisco Umbrella Rank: 439	129 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 196	170 KB
4	adform.net 4 redirects dmp.adform.net — Cisco Umbrella Rank: 4474	2 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1654 m.addthis.com — Cisco Umbrella Rank: 1555	217 KB
4	croxyproxy.com 1 redirects www.croxyproxy.com — Cisco Umbrella Rank: 204034 cdn.croxyproxy.com — Cisco Umbrella Rank: 343957	267 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1062 r3---sn-4g5e6nsr.c.2mdn.net — Cisco Umbrella Rank: 976271	2 MB
3	google.de adservice.google.de — Cisco Umbrella Rank: 6937 www.google.de — Cisco Umbrella Rank: 4915	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	124 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 957	646 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1895	775 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 470	1 KB
1	blockaway.net cdn.blockaway.net — Cisco Umbrella Rank: 249657	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 258	355 KB
0	Failed function sub() { [native code] }. Failed
147	21

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
22	pagead2.googlesyndication.com	www.croxyproxy.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
5	www.google.com	3 redirects www.croxyproxy.com tpc.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	www.gstatic.com	googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
4	dmp.adform.net	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	cdw-dcl.userreport.com	2 redirects www.croxyproxy.com
4	cdn.userreport.com	www.croxyproxy.com cdn.userreport.com
4	platform.twitter.com	www.croxyproxy.com platform.twitter.com
3	ade.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	s7.addthis.com	cdn.blockaway.net s7.addthis.com
3	www.googletagmanager.com	www.croxyproxy.com www.googletagmanager.com
2	r3---sn-4g5e6nsr.c.2mdn.net	www.croxyproxy.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	audex.userreport.com	www.croxyproxy.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	syndication.twitter.com	platform.twitter.com www.croxyproxy.com
2	cdn.croxyproxy.com	www.croxyproxy.com
2	www.croxyproxy.com	1 redirects
1	googleads4.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	visitanalytics.userreport.com	www.croxyproxy.com
1	www.google.de	www.croxyproxy.com
1	tag.userreport.com	cdn.userreport.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	cdn.blockaway.net	www.croxyproxy.com
1	cdnjs.cloudflare.com	www.croxyproxy.com
0	docbehmolikiogjomonmfieaidgfcbpc Failed	www.croxyproxy.com
0	haanbmjmhcofgngkioelkdablmmmbhoo Failed	www.croxyproxy.com
0	ckjnnmdnpicjmpmcheonhjhbhamjclhi Failed	www.croxyproxy.com
0	djpehmepgepfpoiaendmglmnjmmfalio Failed	www.croxyproxy.com
0	lmmpgfjnchldhcieiiegcpdmaidkaanb Failed	www.croxyproxy.com
147	44

This site contains links to these domains. Also see Links.

Domain
www.patreon.com
chrome.google.com
github.com
twitter.com
reflect4.me

Subject Issuer	Validity	Valid
c.cpfrx.info ZeroSSL RSA Domain Secure Site CA	`2022-06-13` - `2022-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-01` - `2023-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.userreport.com Amazon	`2022-01-19` - `2023-02-17`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-07-12` - `2022-09-20`	2 months	crt.sh

This page contains 23 frames:

Primary Page: https://www.croxyproxy.com/
Frame ID: 06A0E82E1BBD0FCA0EB4CBE6728EC1EC
Requests: 42 HTTP requests in this frame

Frame: https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=
Frame ID: 697425D2F6DC59608E9B406F09A7F8D0
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html
Frame ID: 0A5EDD1766F2136C52B2C62EDCEB354E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.croxyproxy.com
Frame ID: FD4CE8413E47B5F5C31BFB5042A3A610
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: EAB27C4400CA7701F1CD5F5FAF4F7A67
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 82D4677F36BB65D82133C9DC9DBBD430
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=6586196016&adk=879348656&adf=399592571&pi=t.ma~as.6586196016&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048882&bpp=4&bdt=340&idt=185&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=6082819289803&frm=20&pv=2&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JVOZYnmFFh&p=https%3A//www.croxyproxy.com&dtd=199
Frame ID: B44B02E1CF0717481B2CCC76A12E356C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=9093342801&adk=250807456&adf=519650642&pi=t.ma~as.9093342801&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048886&bpp=1&bdt=344&idt=206&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=813&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U9bS0QcgZK&p=https%3A//www.croxyproxy.com&dtd=209
Frame ID: E3238469B78EAC350C74776D38EDDD3A
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&adk=1812271804&adf=3025194257&lmt=1658261049&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.croxyproxy.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=211&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=221
Frame ID: 73E5B8E80C297E5C690123647015B2F5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=8350989238&adk=92410651&adf=2170088206&pi=t.ma~as.8350989238&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=230&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XcyYynkltq&p=https%3A//www.croxyproxy.com&dtd=233
Frame ID: 93492BCB6B38B12311849682E67F185A
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=5081542653&adk=1284609407&adf=3177331638&pi=t.ma~as.5081542653&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048888&bpp=1&bdt=347&idt=245&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0%2C750x280&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=6pymQEMDtn&p=https%3A//www.croxyproxy.com&dtd=248
Frame ID: A7AE842E6F1C11AF996F4DEE666995FC
Requests: 9 HTTP requests in this frame

Frame: https://tag.userreport.com/server.html
Frame ID: B4A0B0EC237B03DD929B380EAC5188BF
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.f39f39d5e1aec76c12af50a9a19e4fee.en.html
Frame ID: B3FDB7886580A1649E4F24C97D6ADDFF
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Frame ID: 160BBD825A72E00E03C36954C725BC4A
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7664539216F1BF84206E80876BE3D7BC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E80647E4F3E1B8C93B66AAA8BC095D92
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js
Frame ID: 5181C7F5D00AFCF74301812609C08E64
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js
Frame ID: 2873DD4D6649CC09650785A27F1251E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AD0E5303A914DCFE43231CCACCCF7F31
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: A61B8EC8804EE9DCF385B35CABC1B9B8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js
Frame ID: 2A40EDE04A8F0BAD2F3FD6B503C62384
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05F0767AB937327C76116118B8FFE3EB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61180CEE1D1D8D854B4DB2FA455D66C6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free web proxy and the most advanced online proxy | CroxyProxy

Page URL History Show full URLs

http://www.croxyproxy.com/ HTTP 301
https://www.croxyproxy.com/ Page URL

Detected technologies

AddThis (Widgets) Expand

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

147
Requests

93 %
HTTPS

64 %
IPv6

21
Domains

44
Subdomains

34
IPs

5
Countries

4722 kB
Transfer

9453 kB
Size

14
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.patreon.com/croxyproxy?fan_landing=true
Title: Get premium access

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/croxyproxy-free-web-proxy/lmmpgfjnchldhcieiiegcpdmaidkaanb
Title: from Chrome web store

Search URL Search Domain Scan URL

URL: https://github.com/croxy-proxy-official/extension
Title: manually

Search URL Search Domain Scan URL

URL: https://twitter.com/croxy_proxy
Title: @croxy_proxy Twitter

Search URL Search Domain Scan URL

URL: https://reflect4.me/register?utm_source=front_top_banner
Title: Configure your personal web proxy for free and share it with friends!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.croxyproxy.com/ HTTP 301
https://www.croxyproxy.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cdw-dcl.userreport.com/gs/init/pixel.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm=&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ==&google_tc= HTTP 302
https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESELgRMdvcOD_JK9sY4ZKwraw&google_cver=1

Request Chain 47

https://dmp.adform.net/serving/cookie/match/?party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095&Today=20220719 HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095&Today=20220719 HTTP 302
https://audex.userreport.com/sync/put/adform?adfusr=3833297868981837446

Request Chain 53

https://cdw-dcl.userreport.com/gs/init/pixel.gif HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm=&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ==&google_tc= HTTP 302
https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESECQHwerMruwd7zabLpYvgks&google_cver=1

Request Chain 54

https://dmp.adform.net/serving/cookie/match/?party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095 HTTP 302
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095 HTTP 302
https://audex.userreport.com/sync/put/adform?adfusr=7874544230180438437

Request Chain 101

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://gcdn.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/329BFF2BC8B712795DC1BAE77A3462FF5B7B9728.6692B305700B6C8DC21691B142677512921A1F32/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-4g5e6nsr.c.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55E26CD6528B9CA626C6A323B56D25E72A97BD5A.79B36F4155C20FE9952A34DBF5CDFD53D2CDEDAE/key/cms1/cms_redirect/yes/mh/3f/mip/2001:1b60:1010:3:1011:899:8413:dda1/mm/42/mn/sn-4g5e6nsr/ms/onc/mt/1658259666/mv/u/mvi/3/pl/29/file/file.mp4

Request Chain 126

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

147 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.croxyproxy.com/
Redirect Chain

http://www.croxyproxy.com/
https://www.croxyproxy.com/

270 KB
65 KB

117ms
69ms

Document
text/html

64.227.120.231
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://www.croxyproxy.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

64.227.120.231 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

a1ca3d513297f3d2ec676bcd89d5651dd83f4279251640f668c917c9e9997343

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=0 max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://www.croxyproxy.com
content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:08 GMT
server: nginx
strict-transport-security: max-age=0 max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 19 Jul 2022 20:04:08 GMT
Location: https://www.croxyproxy.com/
Server: nginx
Strict-Transport-Security: max-age=15768000; includeSubDomains

GET
H2 200 __cpa.mainAsync.js Show response
cdn.croxyproxy.com/assets/ 996 KB
190 KB 97ms
42ms Script
application/javascript 2606:4700:3031::6815:5aa7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.croxyproxy.com/assets/__cpa.mainAsync.js?dummy=753abc9f0b91e5b160072ad573e50c98

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:5aa7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8600ac725c29cc9b3e0e71a22ad384e6c42a2f088c49bab84d366ff91bd63868

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 21 Jun 2022 15:27:07 GMT
server: cloudflare
etag: W/"62b1e34b-f908e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2dxxD8W4fL5LR5M954oEMLAxdG0beFCgEEP4JOroBQu37bOFeseO0LTMOeKm3osW%2Fm1mVTSjHmpmVi81cB9auwPLGrIxBlHvHCD5a3CXTcPi8GMXJ%2FcLFBT4SCK2OzKFD7wddoMNaEZlFjEBZySat4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 72d6108208c0915f-FRA

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/ 1 MB
355 KB 77ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/js/all.min.js

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.croxyproxy.com/
Origin: https://www.croxyproxy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5361637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 362308
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-123bd0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYJsCn%2BPz0kL3wOeiF0NRQ4z7RpNTteNpMCgLE3lfOlMRosN6VWuAJoGbMwOtkbyqVr%2BeUxMUcfCucWgqHRKNoOTYf%2BJ85%2Br9ddCg751ME3c1mvuLfYzxP5T1DhGCSl31L4MhqJatEPbEsqtNPG%2B3cFA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 72d61081f883914a-FRA
expires: Sun, 09 Jul 2023 20:04:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 109ms
61ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111548442-12

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

418f40e2f98d71f923f4be59df3b7e021a237a76105891c7d93fafb3f3090069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42043
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Jul 2022 20:04:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 86ms
38ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111548442-4

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b84e77cbaa895622c2fad9a99865ad9a9508c1fb370b72dad56a2829bbfc3eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41996
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Jul 2022 20:04:08 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c527240491ebcd30d2f3f131422d5a5d10a57da26d0f17b93fdd7ba7a3ec9f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 logo.png
cdn.croxyproxy.com/images/ 12 KB
13 KB 74ms
30ms Image
image/png 2606:4700:3031::6815:5aa7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.croxyproxy.com/images/logo.png

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3031::6815:5aa7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b09d436fe2c56cf42bb403f4ed2f6dd14ee897d4194c3b609f20ff604c9c3e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
cf-cache-status: HIT
last-modified: Tue, 21 Jun 2022 15:25:42 GMT
server: cloudflare
age: 934
etag: W/"62b1e2f6-31a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNAJBTm5WZ96YmepyKu1EjXh21yHJBb%2BMG%2BhW4DHdUDUx8PQ6%2FUQOEAkkFlv%2FK7iDsOVdFoGizrenk%2FXdV9m23zJUBeJxY62wLFwHFOMPnx1KvduO3O9tMsWzuf%2Fh4vWA8tsnlz9xc%2BItQdAcuZ8f40%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
cf-ray: 72d6108208bd915f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
56 KB 103ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4cfe75789fc7f1119379e9ed88ea21440c1572a0c2292f8e1ef9fc2f16074ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56567
x-xss-protection: 0
server: cafe
etag: 7803127793432237316
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 20:04:08 GMT

GET
H2 200 aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20= Show response
cdn.blockaway.net/buttons/ Frame 6974 2 KB
1 KB 85ms
31ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

069c81d3601088f444901b1efbed69d35a0594d021c55f7bd456df54a117ff31

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=0 max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: https://cdn.blockaway.net
age: 4072
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 72d610821e868fc5-FRA
content-encoding: br
content-security-policy: default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:08 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 19 Jul 2022 17:33:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OpqsdsRQl0wwcEv%2BN2%2BPiLvW6HHYWYS0dfxJ8AxW6X23aqMTg6fBwsAwlJjFLB5BVD7Zv7QqRbYMb4EFayLKQFP96sL17kRmLXetIalNVvL2fJ8nsFG9A8KLlWArdxIDz3%2FpZCoOD8dTzGnQrbaJ6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0 max-age=15768000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 150ms
21ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:04:08 GMT
Content-Encoding: gzip
Age: 900
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Content-Length: 29251
x-tw-cdn: VZ
Last-Modified: Mon, 11 Jul 2022 23:29:05 GMT
Server: ECS (frb/669F)
Etag: "6bd810ca00e69f1e65a4c1093054e30c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 userreport.js Show response
cdn.userreport.com/ 239 KB
71 KB 88ms
26ms Script
application/x-javascript 2600:9000:2315:a600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/userreport.js
Requested by: Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:a600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bc53f2d02646c9adf5a0a2207aa37782253372565ec18928a849766f7a432772

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: KmyVw9XfHwaFpaMM28B2YID1fxbBaAJq
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 11:28:30 GMT
server: AmazonS3
age: 2581
etag: "04d68f82c66f6b3ec08bae4aa4be2487"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Tue, 19 Jul 2022 19:21:08 GMT
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 72520
x-amz-cf-id: TfAOALeGXguNn_KaN2PuxaVydCBQRpBKY8YL6jkMRojc5So5CTCBQA==

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ Frame 6974 353 KB
114 KB 150ms
39ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: cdn.blockaway.net
URL: https://cdn.blockaway.net/buttons/aHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
date: Tue, 19 Jul 2022 20:04:08 GMT
x-host: s7.addthis.com
content-length: 116451

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 107 KB
41 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111548442-12&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111548442-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c8b88111616dc58d757e3bdbd3057cc8bd8afc861f9e71bd29c74398d8b9d1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42113
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Jul 2022 20:04:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111548442-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3728
date: Tue, 19 Jul 2022 19:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 19 Jul 2022 21:02:00 GMT

GET test.png
lmmpgfjnchldhcieiiegcpdmaidkaanb/shared/images/ 0
0

GET test.png
djpehmepgepfpoiaendmglmnjmmfalio/shared/images/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ 340 KB
120 KB 94ms
52ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4989892168778415&plah=www.croxyproxy.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb27dedaec7ab90d33283b1751e55cf6eeeb9ea3ee75c3ef567ec6df774420e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122715
x-xss-protection: 0
server: cafe
etag: 7027408408634622360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 20:04:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/ Frame 0A5E 10 KB
5 KB 68ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220718/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 00:38:07 GMT
etag: 8616628553774171045
expires: Tue, 02 Aug 2022 00:38:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET test.png
ckjnnmdnpicjmpmcheonhjhbhamjclhi/shared/images/ 0
0

GET test.png
haanbmjmhcofgngkioelkdablmmmbhoo/shared/images/ 0
0

GET
H/1.1 200
OK widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html Show response
platform.twitter.com/widgets/ Frame FD4C 320 KB
104 KB 21ms
21ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.croxyproxy.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6712) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 900
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Jul 2022 20:04:08 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Mon, 11 Jul 2022 22:43:33 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings.js Show response
cdn.userreport.com/w_711722bf-8d17-4423-979e-bc7e656808cf/ 5 KB
2 KB 119ms
118ms Script
text/javascript 2600:9000:2315:a600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/w_711722bf-8d17-4423-979e-bc7e656808cf/settings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:a600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b8117a56d756ce4021f0773d384069aac7187ab701e9226c5f78e355e304e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 6kahkgKu_51dAUeHjDQPWKFfqN0mQxrD
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 15:03:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "a5e8271d062b5a95dc648db5e2547e0d"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: max-age=0
date: Tue, 19 Jul 2022 20:04:10 GMT
accept-ranges: bytes
content-length: 1676
x-amz-cf-id: ihAndm0mm_Ya22lDkA7sSE0P_9dwi3HzpyM6IPQrINlbcGAD7JCJgg==

GET test.png
docbehmolikiogjomonmfieaidgfcbpc/shared/images/ 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ Frame 6974 2 KB
1 KB 77ms
20ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=30946
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 72ms
28ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1560700570&t=pageview&_s=1&dl=https%3A%2F%2Fwww.croxyproxy.com%2F&ul=en-us&de=UTF-8&dt=Free%20web%20proxy%20and%20the%20most%20advanced%20online%20proxy%20%7C%20CroxyProxy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=837372204&gjid=1068634022&cid=1720127308.1658261049&tid=UA-111548442-4&_gid=1996062922.1658261049&_r=1&gtm=2ou7i0&z=625494316

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.croxyproxy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.croxyproxy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 69ms
29ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1560700570&t=pageview&_s=1&dl=https%3A%2F%2Fwww.croxyproxy.com%2F&ul=en-us&de=UTF-8&dt=Free%20web%20proxy%20and%20the%20most%20advanced%20online%20proxy%20%7C%20CroxyProxy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=260240696&gjid=350725686&cid=1720127308.1658261049&tid=UA-111548442-12&_gid=1996062922.1658261049&_r=1&gtm=2ou7i0&z=903944143

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.croxyproxy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.croxyproxy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5c7f678b056ca9f1/ Frame 6974 2 KB
775 B 122ms
115ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5c7f678b056ca9f1/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d60a64393c2cddc96ee641c63c946323bec501f57852db8397fb9a43bee430f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
etag: 2124313244--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=22, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 599

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ Frame 6974 89 B
249 B 718ms
696ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62d70e3836657315&bkl=0&bl=1&pdt=117&sid=62d70e3836657315&pub=ra-5c7f678b056ca9f1&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=cdn.blockaway.net&fp=buttons%2FaHR0cHM6Ly93d3cuY3JveHlwcm94eS5jb20%3D&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1658261049023&jsl=0&skipb=1&callback=addthis.cbs.jsonp__68581124104614210
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5c2b1b052e39ff32c00f7f743274c3f853601a19cc0c194b4d392f82427a2b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame EAB2 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 82D4 71 KB
26 KB 69ms
69ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://cdn.blockaway.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Tue, 19 Jul 2022 20:04:09 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 settings Show response
syndication.twitter.com/ Frame FD4C 580 B
540 B 186ms
133ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=fddc53a8ae3830b13a7e03f491224298e184ab07

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.f39f39d5e1aec76c12af50a9a19e4fee.html?origin=https%3A%2F%2Fwww.croxyproxy.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-response-time: 112
date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
last-modified: Tue, 19 Jul 2022 20:04:09 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: bcdaac441b0d67bc79195913cea6dbe80e4d7a5041001de0e3e8208b2fa6dd01
content-length: 260

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
646 B 109ms
29ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.croxyproxy.com&callback=_gfp_s_&client=ca-pub-4989892168778415

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4989892168778415&plah=www.croxyproxy.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

ac3c76afd5f27f1774dc0546d00f2f0791440da6c1dca5cb7fde7c4237df576f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 108ms
30ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.croxyproxy.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
30ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.croxyproxy.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B44B 67 KB
27 KB 899ms
857ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=6586196016&adk=879348656&adf=399592571&pi=t.ma~as.6586196016&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048882&bpp=4&bdt=340&idt=185&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=6082819289803&frm=20&pv=2&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JVOZYnmFFh&p=https%3A//www.croxyproxy.com&dtd=199

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37197965a09a027984d4287726afead602fd1483ef37907636026d5055cf8249

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27856
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 20:04:09 GMT
expires: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 85ms
29ms XHR
text/plain 2a00:1450:400c:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-111548442-4&cid=1720127308.1658261049&jid=837372204&gjid=1068634022&_gid=1996062922.1658261049&_u=YEBAAUAAAAAAAC~&z=367702327

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.croxyproxy.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 19 Jul 2022 20:04:09 GMT
content-type: text/plain
access-control-allow-origin: https://www.croxyproxy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E323 76 KB
29 KB 415ms
387ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=9093342801&adk=250807456&adf=519650642&pi=t.ma~as.9093342801&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048886&bpp=1&bdt=344&idt=206&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=813&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U9bS0QcgZK&p=https%3A//www.croxyproxy.com&dtd=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53e5ce9e8c434dfe1c2482d11d5aceffc05c4beb221c58f034cee6169e77feea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29165
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 20:04:09 GMT
expires: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.croxyproxy.com%2F&tn=DIV&id=infoBar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73E5 88 KB
25 KB 380ms
366ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&adk=1812271804&adf=3025194257&lmt=1658261049&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.croxyproxy.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=211&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=221

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

268c53733cf6c4af20b7d8677b38317e500ba029c1b7b81911fb5b07dfe86c82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 20:04:09 GMT
expires: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9349 67 KB
21 KB 503ms
500ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=8350989238&adk=92410651&adf=2170088206&pi=t.ma~as.8350989238&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=230&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XcyYynkltq&p=https%3A//www.croxyproxy.com&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e32d9408acb2e2abd68a0c26aac3040d906f556cb6085626147b2e0a12cac19d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21397
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 20:04:09 GMT
expires: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A7AE 79 KB
30 KB 297ms
296ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=5081542653&adk=1284609407&adf=3177331638&pi=t.ma~as.5081542653&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048888&bpp=1&bdt=347&idt=245&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0%2C750x280&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=6pymQEMDtn&p=https%3A//www.croxyproxy.com&dtd=248

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a4036eaa6a660030e4afbf38fbe1a8b6ce8d3731f11d30fbd88a511dd44942f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 20:04:09 GMT
expires: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 SystemSettings.js Show response
cdn.userreport.com/ 894 B
845 B 52ms
52ms Script
text/javascript 2600:9000:2315:a600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/SystemSettings.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:a600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 6kJ.oVpG3emizYDtxaJznkN1t118DNMr
content-encoding: gzip
last-modified: Thu, 26 Nov 2020 08:23:54 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
etag: "fbcd727c30fa10bc139aca4aec81f8e3"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
cache-control: max-age=0
date: Tue, 19 Jul 2022 20:04:10 GMT
accept-ranges: bytes
content-length: 442
x-amz-cf-id: CiM_vECv0oZfZKJaPH3n5x7hq5W_OOPVx7YQ5Nm-dz6xxhfB0DSR8g==

GET
H2 200 server.html Show response
tag.userreport.com/ Frame B4A0 37 KB
13 KB 66ms
23ms Document
text/html 2600:9000:223f:1600:11:af01:b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.userreport.com/server.html
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1600:11:af01:b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 41c12262453783f916105c53e3513dcf49cfae58b805b09c92eeac8d43b8b022

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1059
cache-control: max-age=3600
content-encoding: gzip
content-type: text/html
date: Tue, 19 Jul 2022 19:46:30 GMT
etag: W/"626278e6-936d"
last-modified: Fri, 22 Apr 2022 09:44:06 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: nginx/1.12.2
vary: Accept-Encoding
via: 1.1 604f8ac78ed3ba5235c1a14794f2ac64.cloudfront.net (CloudFront)
x-amz-cf-id: BzguYk8cIHX4vOJbQwz3WswSB8noQDpMF6aHi4L29sG_eRGfmQtQ3A==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ Frame 6974 263 KB
76 KB 34ms
34ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.blockaway.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Tue, 19 Jul 2022 20:04:09 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 94ms
47ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111548442-4&cid=1720127308.1658261049&jid=837372204&_u=YEBAAUAAAAAAAC~&z=26613080

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 95ms
46ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111548442-4&cid=1720127308.1658261049&jid=837372204&_u=YEBAAUAAAAAAAC~&z=26613080

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hit.gif
visitanalytics.userreport.com/ Frame B4A0 43 B
515 B 71ms
21ms Image
image/gif 143.204.215.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitanalytics.userreport.com/hit.gif?t=USRdsusync-v1&dsu=1.e81974b746cc2b5a.f3ecd6dc-de5b-4ad9-3a66-7728b6e11299.1.1295.7a0f751cffe69fe4&origin=https%3A%2F%2Fwww.croxyproxy.com
Requested by: Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-89.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.userreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: fZAqbzuxSGtIKd7g0Oj0VzvG4UrkztnT
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
age: 45978
x-amz-meta-cb-modifiedtime: Tue, 14 Apr 2015 11:43:27 GMT
x-cache: Hit from cloudfront
content-length: 43
last-modified: Thu, 15 Oct 2015 11:22:45 GMT
server: AmazonS3
date: Tue, 19 Jul 2022 07:17:52 GMT
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: qvl2rWj0jFzciHyNPnuviS4mH7U0bqzmt0NfSGzp8PD031-NgEk43g==
expires: 0

GET
H/1.1

200
OK

receive
cdw-dcl.userreport.com/gs/ Frame B4A0
Redirect Chain

https://cdw-dcl.userreport.com/gs/init/pixel.gif
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ==
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm=&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ==&google_tc=
https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESELgRMdvcOD_JK9sY4ZKwraw&google_cver=1

35 B
420 B

25ms
25ms

Image
image/gif

13.32.99.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESELgRMdvcOD_JK9sY4ZKwraw&google_cver=1
Requested by: Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/
Protocol: HTTP/1.1
Server: 13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-27.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.userreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:04:09 GMT
Via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
Server: nginx/1.20.0
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: s-maxage=3600, max-age=0
Connection: keep-alive
Content-Length: 35
X-Amz-Cf-Id: ceZMwEEXhA4luTBYx8kxiEjNB0zGaSGL-Tj11xXrKZjcW1LxfqAhmg==

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESELgRMdvcOD_JK9sY4ZKwraw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adform
audex.userreport.com/sync/put/ Frame B4A0
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095&Today=20220719
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095&Today=20220719
https://audex.userreport.com/sync/put/adform?adfusr=3833297868981837446

35 B
425 B

71ms
27ms

Image
image/gif

13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/adform?adfusr=3833297868981837446
Requested by: Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/
Protocol: HTTP/1.1
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tag.userreport.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:04:09 GMT
Via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
Server: nginx/1.20.0
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: s-maxage=75600, max-age=43200
Connection: keep-alive
Content-Length: 35
X-Amz-Cf-Id: Hzlza20gHupfL8xwuIDS1JuKgvW-AjHYfNYmAhf9U2t18cyCXL9ppA==

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
server: nginx
location: https://audex.userreport.com/sync/put/adform?adfusr=3833297868981837446
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK button.fed83577e235944f1c02f314fdfd94dd.js Show response
platform.twitter.com/js/ 7 KB
3 KB 22ms
22ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.fed83577e235944f1c02f314fdfd94dd.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:04:09 GMT
Content-Encoding: gzip
Age: 901
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=2
Content-Length: 2359
x-tw-cdn: VZ
Last-Modified: Mon, 11 Jul 2022 22:43:26 GMT
Server: ECS (frb/669F)
Etag: "c1233079fb145bc77c712143fa5dcd65+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK follow_button.f39f39d5e1aec76c12af50a9a19e4fee.en.html Show response
platform.twitter.com/widgets/ Frame B3FD 41 KB
15 KB 21ms
21ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.f39f39d5e1aec76c12af50a9a19e4fee.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669F) /
Resource Hash: d2967e52cf9203016a3c2559a0b72b2c061eb319c3b277cea34455d1d8b6e563

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 899
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 15074
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Jul 2022 20:04:09 GMT
Etag: "5b62ccb43122a3b1f73ed5f1d60fb0d6+gzip"
Last-Modified: Mon, 11 Jul 2022 22:43:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669F)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
333 B 144ms
143ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.croxyproxy.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1658261049289%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%223235bd17138fa%3A1657578976990%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=fddc53a8ae3830b13a7e03f491224298e184ab07

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 122
pragma: no-cache
last-modified: Tue, 19 Jul 2022 20:04:09 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: bcdaac441b0d67bc79195913cea6dbe80e4d7a5041001de0e3e8208b2fa6dd01
x-transaction: 54ad1e49aa009ea3
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 analytics-tags.js Show response
cdn.userreport.com/ 265 B
651 B 22ms
21ms Script
application/javascript 2600:9000:2315:a600:19:d208:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userreport.com/analytics-tags.js
Requested by: Host: cdn.userreport.com
URL: https://cdn.userreport.com/userreport.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:a600:19:d208:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d8c62049816b4a834204bb3a79b014f88a6c6dc916e7ab26abf0d40c2e69ed4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: BQ4neG9T5yHFyGCIm7yA158D1GNg0I81
via: 1.1 b6b3463eedbd4b446fd969736178bf98.cloudfront.net (CloudFront)
last-modified: Fri, 03 Aug 2018 07:14:09 GMT
server: AmazonS3
age: 1213
etag: "b9c284ba1fea2a6f6c2de5d0d9904ee9"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
date: Tue, 19 Jul 2022 19:43:58 GMT
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 265
x-amz-cf-id: gq0MbE_2J5rhdiUhMdn-5FyhirWNAGvVsY6uCWp42BmMCbatLM8Qeg==

GET
DATA 200
OK truncated
/ Frame B3FD 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

receive
cdw-dcl.userreport.com/gs/
Redirect Chain

https://cdw-dcl.userreport.com/gs/init/pixel.gif
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ==
https://cm.g.doubleclick.net/pixel?google_nid=userreport_ddp&google_cm=&google_hm=ZTI2NTI1ZDEtYTUzNTlhYWZmMTAzLTliY2FhOWQwNTNmNQ==&google_tc=
https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESECQHwerMruwd7zabLpYvgks&google_cver=1

35 B
420 B

45ms
23ms

Image
image/gif

13.32.99.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESECQHwerMruwd7zabLpYvgks&google_cver=1
Requested by: Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/
Protocol: HTTP/1.1
Server: 13.32.99.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-27.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:04:09 GMT
Via: 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
Server: nginx/1.20.0
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: s-maxage=3600, max-age=0
Connection: keep-alive
Content-Length: 35
X-Amz-Cf-Id: Dasxk6KH2Jqo94afQb7_wtj8HL9enpLEcLZL4S_GWBdYmPgyIwpwMA==

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdw-dcl.userreport.com/gs/receive?google_gid=CAESECQHwerMruwd7zabLpYvgks&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

adform
audex.userreport.com/sync/put/
Redirect Chain

https://dmp.adform.net/serving/cookie/match/?party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095
https://dmp.adform.net/serving/cookie/match/?CC=1&party=1001&cid=db4b0d46-fe0b-4534-8014-ab0ff4f73095
https://audex.userreport.com/sync/put/adform?adfusr=7874544230180438437

35 B
425 B

66ms
25ms

Image
image/gif

13.32.99.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://audex.userreport.com/sync/put/adform?adfusr=7874544230180438437
Requested by: Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/
Protocol: HTTP/1.1
Server: 13.32.99.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-15.fra60.r.cloudfront.net
Software: nginx/1.20.0 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:04:09 GMT
Via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
Server: nginx/1.20.0
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
Content-Type: image/gif
Cache-Control: s-maxage=68400, max-age=43200
Connection: keep-alive
Content-Length: 35
X-Amz-Cf-Id: X_YQf7NhDnbQGIXXaWrVeLjM8JnOFlCrHLlSLhZOvwYbUuRt_pxapg==

Redirect headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
server: nginx
location: https://audex.userreport.com/sync/put/adform?adfusr=7874544230180438437
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 17224937611225333992
tpc.googlesyndication.com/simgad/ Frame A7AE 97 KB
97 KB 215ms
41ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17224937611225333992?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql0UUwTc_giiDjggG_iXtCJI3hgBw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=5081542653&adk=1284609407&adf=3177331638&pi=t.ma~as.5081542653&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048888&bpp=1&bdt=347&idt=245&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0%2C750x280&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=6pymQEMDtn&p=https%3A//www.croxyproxy.com&dtd=248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57911de8027504c18f9a099e927b9ebbfbe7f2c299200569f93ebb2aac2abcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 09:23:25 GMT
x-content-type-options: nosniff
age: 384044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99262
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 09:30:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Jul 2023 09:23:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame A7AE 21 KB
9 KB 194ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:29:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame A7AE 3 KB
1 KB 195ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:38:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame A7AE 17 KB
7 KB 193ms
23ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:53:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A7AE 137 KB
43 KB 205ms
38ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame A7AE 30 KB
13 KB 195ms
26ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe0dd527489b9ada352a33c4c98447e0070705bc816dfb87f3b008fb8ff5514a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12705
x-xss-protection: 0
server: cafe
etag: 7888163778620344625
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:42:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A7AE 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV5FIOQ7XYq_fCtCFiM0Pn8G34AbDqd7katrLutqPD9nZHhABIIqNiwlglaqzgsAHoAGs8ri_AcgBAqkCzsLbuZQoCj6oAwHIA8kEqgTWAU_QPcwoNvdTRDgattp_hMKABpQKMRg3_iscDKm-RSJEGXhqaM-hzIzaNJxjt5j1LNcJz_PCYhCW0AH6pvXF22wwTtSRfo5HkW1aqv6McX0Lvf7b1FEnXwfM3bzx9ALclQ5wbzBjwP-krX5XyExnPVyR6tHh0KlQHkAF4m0X7PI4NYV6VV6zpg1yX1GDwTpLyhYvsT073REjc1VVxHB0ehden6xXsqN8ary2H3bKhkjnQswEm1FvzOzuLjwhHfCjmh9E4Yi7xhKp2thgO_Y1vmX-ZBBIvP3ABMfW6sfeA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe8jcfAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEPJJ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNDk4OTg5MjE2ODc3ODQxNRgA&sigh=w56aHSSpioU&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=5081542653&adk=1284609407&adf=3177331638&pi=t.ma~as.5081542653&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048888&bpp=1&bdt=347&idt=245&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0%2C750x280&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=6pymQEMDtn&p=https%3A//www.croxyproxy.com&dtd=248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/ 149 KB
53 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207130101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10aabba53db37c57fc91cd84452a59ddb48c7c1e44b720d091f9a0fa600a4b50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54140
x-xss-protection: 0
server: cafe
etag: 7611172755857355018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 54ms
54ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=1&c=ca-pub-4989892168778415&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E323 6 KB
745 B 80ms
31ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=9093342801&adk=250807456&adf=519650642&pi=t.ma~as.9093342801&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048886&bpp=1&bdt=344&idt=206&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=813&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U9bS0QcgZK&p=https%3A//www.croxyproxy.com&dtd=209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 19:55:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Jul 2022 20:04:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame E323 2 KB
983 B 71ms
70ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:50:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:50:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame E323 21 KB
9 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:29:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame E323 3 KB
1 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:38:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:38:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E323 137 KB
42 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame E323 17 KB
7 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:53:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 623
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:53:46 GMT

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame E323 30 KB
13 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 14:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 14:05:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E323 0
0 65ms
65ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck_BMOQ7XYsr3Cda5YbbvhOAN1cb0pmvuzM6goRDAjbcBEAEgio2LCWCVqrOCwAegAaKRoYADyAEJqAMByAPLBKoE1gFP0Ond26W-SYQdzFyzSqvyJbgeKLBaFqQXPOGNLJoEQBC07ZWXv8j9a4Nftzab4csSvoHjQriuH7hXUbxYbxwlob802bWm0oKh6qpM7AKF93VJxHfykY-vQ7sSyAchMz6wCcupp4vx_HRMjttZtXJIexZwDNLSx_NwmzLWy7bAFE04An0JVaUc5-bziHsPdAA6MvDVa3nIhYc-O7MQm9eedkZHFGshwO2BJCC8lg454IPrzFhGatcO1NL_kdWqFHD3pR4gmpaF5VGBA68zMFRPO_z-MxFxwAS0qb_KjASSBQQIBBgBkgUECAUYBKAGLoAHxu7ef6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMDhBNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTg5ODkyMTY4Nzc4NDE1GAA&sigh=ZmDwR5fyts4&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=9093342801&adk=250807456&adf=519650642&pi=t.ma~as.9093342801&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048886&bpp=1&bdt=344&idt=206&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=813&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U9bS0QcgZK&p=https%3A//www.croxyproxy.com&dtd=209
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=1&c=ca-pub-4989892168778415&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 70ms
29ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.croxyproxy.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 76ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.croxyproxy.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/ Frame 160B 10 KB
4 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Jul 2022 21:44:05 GMT
etag: 8616628553774171045
expires: Mon, 01 Aug 2022 21:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/2236869639229773942/ Frame E323 43 KB
43 KB 72ms
27ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2236869639229773942/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d940ac7e8c3c49747d915c3ef7e6dc9d5b6d50f9f1184386ffb6e594f8c5503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:02:17 GMT
x-content-type-options: nosniff
age: 112
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44426
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 19:42:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 19 Jul 2023 20:02:17 GMT

GET
DATA 200
OK truncated
/ Frame E323 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 862979d831d09008de4b751f3b5536e24e66e3e4cca8c1e388e4bda68d69498b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame 9349 21 KB
9 KB 39ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=8350989238&adk=92410651&adf=2170088206&pi=t.ma~as.8350989238&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=230&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XcyYynkltq&p=https%3A//www.croxyproxy.com&dtd=233

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:29:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9349 8 KB
1 KB 34ms
30ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 19:54:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Jul 2022 20:04:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/ Frame 9349 14 KB
3 KB 84ms
21ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 13:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110193
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 10:42:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 13:27:36 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/ Frame 9349 354 KB
123 KB 85ms
22ms Script
text/javascript 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f142b41ded989e7073c9bda8679c59a6cbe9fef877388e9c567947ac559f13a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 00:42:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 501721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125467
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 10:42:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 00:42:08 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 9349 17 KB
7 KB 42ms
25ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:32:31 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7664 143 B
163 B 21ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=5081542653&adk=1284609407&adf=3177331638&pi=t.ma~as.5081542653&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048888&bpp=1&bdt=347&idt=245&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0%2C750x280&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=1554&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=6pymQEMDtn&p=https%3A//www.croxyproxy.com&dtd=248
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 19:10:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dfafa4fd47dd86b7cbcd5aa280f1fc74.js Show response
www.gstatic.com/mysidia/ Frame 160B 10 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/dfafa4fd47dd86b7cbcd5aa280f1fc74.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 17 Jul 2022 21:59:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4359
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 15 Oct 2022 21:59:58 GMT

GET
H2 200 4c3be841d2249c2a90c31a8670fa811e.js Show response
www.gstatic.com/mysidia/ Frame 160B 10 KB
4 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/4c3be841d2249c2a90c31a8670fa811e.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67cd2d215dfe5c7b17cfa9b3ee43c744ae069d1aae2f0d371898a90f59b0876f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 06:24:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4278
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 17 Oct 2022 06:24:11 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 160B 8 KB
966 B 31ms
28ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 19 Jul 2022 19:52:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 19 Jul 2022 20:04:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 160B 2 KB
902 B 51ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:39:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:39:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame 160B 21 KB
9 KB 33ms
31ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:29:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 160B 3 KB
1 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:52:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 160B 137 KB
42 KB 72ms
30ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 20:04:09 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 160B 17 KB
7 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1898
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:32:31 GMT

GET
H2 200 b8b39a8a01d591fbf8e8e88b2bbf8fd4.js Show response
www.gstatic.com/mysidia/ Frame 160B 30 KB
13 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b8b39a8a01d591fbf8e8e88b2bbf8fd4.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 14:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12830
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 00:22:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 16 Oct 2022 14:05:04 GMT

GET
DATA 200
OK truncated
/ Frame A7AE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddbfe0b990100c27546b1fcf339d6a034f9f85d253782269626a47e970658860

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E323 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2da1c50c107fee37262b07122a238fabd2dc78e6319a4699e1efc6f3b7f83a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6164110877804301844/ Frame 160B 4 KB
4 KB 23ms
22ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6164110877804301844/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7275f0fb8158cedd2aca99a9bb760d297331473511835855cf2614badbef18ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:01:41 GMT
x-content-type-options: nosniff
age: 90148
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3610
x-xss-protection: 0
last-modified: Tue, 04 Aug 2020 11:05:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Jul 2023 19:01:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 160B 0
0 62ms
62ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cl0zvOQ7XYsmTCsT0YN_bkZACjsXW-GXctYKPkQzZ2R4QASCKjYsJYJWqs4LAB6AB1fP40gPIAQGoAwGqBMsBT9A1-b3yGFzN38ov_gCZFuftXKyzcmnZ-0FlzvyVsD7oFrqVIB3-oL90qUYs4DCFCIok5miIkuPCEyo5_xXVoNKMQKTtHpIr6Qs2AR098LEyvyH0PekFuX_h67xDHHXjyd2Yp5hS_Tc6wHqpOljJ-XPf8LWp-Gptw8S0tu-sVyZvbRPaWpbPq0n0ixJHRvqhHq7ZMwnOuJ062Wk_0Fh8_ajpRpQYDon7slm2okJ8r_vMBL6qhmxNzJFdiJEhJmFn9PXKxG08Zdp5Jo7ABLiSnsG0AZIFBAgEGAGSBQQIBRgEgAeTjIctqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ0X3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi00OTg5ODkyMTY4Nzc4NDE1GAA&sigh=Hvpt12a1dw0&uach_m=[UACH]&template_id=5001

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E806 143 B
163 B 20ms
19ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 19:10:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E323 15 KB
16 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 89774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E323 15 KB
16 KB 73ms
26ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 98357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E323 15 KB
15 KB 95ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 98664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:39:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7664
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

66ms
66ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:10 GMT
expires: Tue, 19 Jul 2022 20:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:09 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 5181 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:41:38 GMT

GET
DATA 200
OK truncated
/ Frame 160B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1774cf1666074c7bb9b378b2a6df98ab91703ad64163524822a6f6fa6941c384

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 9349 0
327 B 163ms
63ms Ping
image/gif 2a00:1450:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l5sltb05&c=1479712991453&slotId=739856495726.5&qqid=CLCPn-bfhfkCFRkdewodce8LJA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C324123032%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4006:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9349 15 KB
16 KB 44ms
43ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 98357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 16:44:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9349 15 KB
15 KB 56ms
56ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 89774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 19:07:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9349 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CnE40OQ7XYvCOCpm67APx3q-gAqaU5fBqwbWx560Q8C4QASCKjYsJYJWqs4LAB6AB6pHKpwHIAQWpAsefYJWkNLE-qAMByAObBKoE9wFP0HzPD1pSCIHTQdXUXEKnn_1Nr4IE5KsbrHXekNRNPSMVNO5Y-DvvQ36YzqSN-iJtR13po7q-zSIYwm27f_3bxRrE-dYpb4ImDBAP9Tt0GBw_bzjX2ualreDwOHXzEgQJ-JUmZmSUVCVKH7ErqmvaaPRkA3FJaqRjqqPU9q_ONkIZkhZkyJlIRpWD38KCY2IDg5iNol6sOh1jmIpFhtyBtbjToW99O0V4Syr6MYxtKw-YXtgmYG_z0cv0mWxFvbbHn-m987XoYa6-35t-Z1Ed4YXGk065SyoNpVEnphe9UFRg8HFsJQr4AFmdfbTnVrlYexDv6StjwATwjdCdnATgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOEhdcPyBOhkd_gA9gTCogUPtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1658261049867&ai=CnE40OQ7XYvCOCpm67APx3q-gAqaU5fBqwbWx560Q8C4QASCKjYsJYJWqs4LAB6AB6pHKpwHIAQWpAsefYJWkNLE-qAMByAObBKoE9wFP0HzPD1pSCIHTQdXUXEKnn_1Nr4IE5KsbrHXekNRNPSMVNO5Y-DvvQ36YzqSN-iJtR13po7q-zSIYwm27f_3bxRrE-dYpb4ImDBAP9Tt0GBw_bzjX2ualreDwOHXzEgQJ-JUmZmSUVCVKH7ErqmvaaPRkA3FJaqRjqqPU9q_ONkIZkhZkyJlIRpWD38KCY2IDg5iNol6sOh1jmIpFhtyBtbjToW99O0V4Syr6MYxtKw-YXtgmYG_z0cv0mWxFvbbHn-m987XoYa6-35t-Z1Ed4YXGk065SyoNpVEnphe9UFRg8HFsJQr4AFmdfbTnVrlYexDv6StjwATwjdCdnATgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOEhdcPyBOhkd_gA9gTCogUPtgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9349 28 KB
16 KB 135ms
49ms XHR
text/xml 173.194.76.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AaOseIHoo6UlTmQVvJzh_WbQqA4I7OEeD3EtuKD_eQIOY1BCVrqNOmuh4xH_knL7w_5a2hoBDjqpmIv3tdToSpORk7hQ&cry=1&dbm_d=AKAmf-CVyduVPh96w-oRkvBY2JsjRv9wyQHDWsfARHRzhHakHscAeRcxaAGFCbAhKFhh8E1CT2eK0gI4_2ao4VHkul7k1FRPSgxKWy80pO1GDMH7hLshAcp4r1LNXlup4x_JGV6oSpsUkjiR55PSTsyViBifY0MI07EwwX6wF-DSHb57mAtcjHuE7oGrN1REfrXq44jNdsoHanGGHn8_VLyqLs_H_1bq-KqFczavbiPGQjYac4PqD3q8XNSUWwGJcUMeUy5c-TrFB8f24vNp1fjJLeTI-ZvToDTcKApA08T6ydsk3Uj92FEDvz4v5QhZhDHYXxuV7Nb5U1y9yOjENPb48vkXwaGwRWr2eRmo5sd6L3f_071rKwjJNoIgMkGxGLWvUAz4MtmM09OqNBbBbgaiBsT93ZvTZvIcZlboQkok6gbO654PfIER6w99geX4QmQSX_JYUaa6Bddv5e_UI2ymZrcQT1OC4bI4pRfjKiSYEB_Od3pyu5cyYmHgWsUsXNQNwb4ecyTdhCUKu2O4qh26R5UVn6IvwU_NnwRtlIqD-kt3cAzABjf5fxjaEBF5XNj6xlUxuZXcLQqpdD7aN4gYKX5xUSZN7FhPMl3P3xL9QoMDAtN_cJV0PFI-5kjndomKRcZqwMrvZBv1_CEIEOY-I5SiNuxfg0KudlRflY0NGhZ49f138IgKVuRY1QoqAHI3eVOCZwrKY3FjpHiGa-qCtfgKifUNUakw6ebH-iLmlDIaID3Mdpl5_9i4o-991Ad0z_DnU_J-bfiF-TxLle8t7L5Hp55ZMFR5giMXVRyYuScdCP-YHUXqUUHSrAXwzfZX_rzuLYujvIQ9lkDM6sejjCLsETNCbTRu5GWayOsgknM4QKO1M-uI5SmzSDDEwBXseJV631PB9TzDLuMgZAaAA4ycnSrLRplo7oLpZIkB5zaHJK-xV5NJtuHnV6NgfL6Awk_CRhXF7YSOXaMXWjCWF7nqnILOe-ymBA8D83vBwhgEV6Rdm0HT60GqHf1lDAvQGCI8cLqdI4U7udEGhVFMWHUNre5JYsj-SXie5z6swk8_T-FHckWRaWtACiNbamN8hSoPFDF4JeJssH1ah1EZk-cjptkBMNufrl2TObOabBQwemvB--suXd79zuzJ0ixCItJPFEioxQTV9T9f7w4_inpgyCBU2LWQD7C0lxa6l2hIH6xP5v7n2LHi6UKgAZW5GxN6qj2cYuSoL5Qho_Lmdn2TGr4QJ_IypVKREpU6gXx4NMrjMVRaiJCJ1Bfm7NtRWrScIbfgYuAs81HSq7SjZBBoW4s1YR1tQCpAfiapLtC3FU8cbARddbHy2Sd1bTsbGXvLaWO6TLBdTVoW0DEyyo47nIEivw-6H4iJQbq3jOyDfMPDpQq4NJHHcFgnCyUEM0e8AgBjP5FmbQs45FBK5LInlz8R1_658ZkdmG8FUInierWef1Az_0iAaWZ0zoqMq4DNE_pr-sRU58Zw-6AXWNjsHmph4P-0-7xlo24CHbPzjhRss6yACFJ1QAr8q3kmoslt98NSgNKJjVeIa1peDQ274lGFbSVte32n-Qs0zrQgzSdPb_gBUrdAZSEYH6BmlZ1mfug4rvulp__Qe82cYz2qb6HTOlNLKnOatBnygjY0hkdeumStDjhHW6byinr3IKDdS2LP1hbeGjGPROzB86LjmfME352ZvHNbxn9hLHwEGuE92cqMTrZuUsb6pfSwRUyaDhrkp3gnVYYwrcnAJ6ChcTO4nyYlvX0HVZuD_yRCZoyNrcpb3jhP8zDDwiCSUz6PzpOHG3QfKd9f6YuBDsjibe2XnQjGLHcXocov5xhtGm8vUGbArZykRtyzA7cc-Bpgg1NMeNUl3YeEHvB-5o5CA8YxjCA7bO1eDoGG1leTiUajQRzoRuC4slhlz4VGXDm-QjeH40QIQTGGfcSGrTF6BA6kEIo50nngulaXpB-35JvgizZAqSm3ll4MUD7hZa9hXXPVZvkBRK_bcw_oz0z_B_Oyv9F_qpg-Tjqywh5zrWqjP_60xnp8iM8o2BJ4dZ5FZ43-5T04rE05Ym_J9jftNumxTV38UuhNttr7KwsOsNP77K8HTOBPi6fS31R_Hq56jT98nSdc6qNnBvHcQakBuKp6zkWayLJlWF4dlU8zbWGQ-q7AHT0iCQJwAPCgbp5Mw0fIOWsCFjVE87_WLjb0XIG6mRjIimXoLdsPvf7OFwiWVP9fV0RtTJ7xUu21AfeK8AojpchcrgVrD6XziDN6URsdINiPfKQX6m1dZfw-a9R7dzd0JL7t_ay8CoWZ5t4Mt_KYyq8-omPBVry62P5N1H-y4-j-sPTXEWo-CYZ8IdYUfNzp8faF8gJzPr9PaytSplJQlJsgeRnEPoTz1aFKjTAdpx8G2bETAcUfNs7XFSbHoT8HRWNwa1ZzPJ4px7AsNE9NwM0o1VJuPsR9JnWnQ1OPw6l2J1vl6IhdQ7aSBn8f3mFuv3c9j2Lm8HMW2Fm0ByKrdZeobKoWAZp5uNbPquOmlxiKqVWTqQihJAUexeW3hNgJNl9sTPVivfkRKIEvMUF4qmLaJwFGtIvN56TYXzwhLCFvIkFVTQVfNPPDJhVOvPdntY2NBYecWeZEVZMWKMriBBkMeUJKDOXWxVQwHShKzYQ4nk5jJFCxtrUYmthrm4B2wWVixG96blQunFqx1thQd8UuXAwpdjbHkALRxkuS2z05cuzNbt0nWIxmD8v3_AgPQD3iB7S-rDpK6CsWdUPjHu9Lx4N6FS88VEE2K28aBYOiaAHllYhFB1H4aOqDPoJ15K8P2zT0e1QiqfxVYdrZ9FSTo3vPAaDkMswbXMQQg_rVqLx3OiA6soy1dQAFILIFbURLHH3Kf-6pTw-8Kf6ZuD_VPpLwpPGr-5sihhoLe0Dfsic6bw6auxpJlX3e9Pfj0E6RYl9X_Rz2hQG4x0a4WWci1LuDU4JQZsM7AxCqxWO_hYV_WWy_t0Dvb5vNiXM85ZC2A23bZxG-dilH2fMDsJRHUUZ7fmCNDsFV4_67RU0mzfSCMYz7riRrdWjQtXe9-DVXxO4GwjDX30ltAkkJi9K0iBc-1riHUyQQWkJzSxnQHJe_lT2GnOd09-LXs19Kt-hHNxhA1LAEAP6O5NiWdEGLGtC1BpbJDDfUHV_imlVeNnvW4saTDdcxKvr4h3MUep8ThX19lDHr7wYVhR-H&cid=CAASBORoXkg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

173.194.76.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ws-in-f154.1e100.net

Software

cafe /

Resource Hash

3eb33abcc9e17566662916a5dffff94c84a6819c2d20244a6acd54e47a9ec6bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15631
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9349 0
0 58ms
57ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGdNGOQ7XYvCOCpm67APx3q-gAqaU5fBqwbWx560Q8C4QASCKjYsJYJWqs4LAB6AB6pHKpwHIAQWpAsefYJWkNLE-qAMBqgT0AU_QfM8PWlIIgdNB1dRcQqef_U2vggTkqxusdd6Q1E09IxU07lj4O-9DfpjOpI36Im1HXemjur7NIhjCbbt__dvFGsT51ilvgiYMEA_1O3QYHD9vONfa5qWt4PA4dfMSBAn4lSZmZJRUJUofsSuqa9po9GQDcUlqpGOqo9T2r842QhmSFmTImUhGlYPfwoJjYgODmI2iXqw6HWOYikWG3IG1uNOhb307RXhLKvoxjG0rD5he2CZgb_PRk_U7cE2HIPUNJl4qoyK4j0Esx4SUJLRi8W84SqRBiQeMSfQTjMn59cfnX3Tf6xNco0zbo8tOdI66BiXABPCN0J2cBOAEA4gF07bzyUGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ85UKGKy-os4B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE4SF1w_IE6GR3-AD2BMKiBQ-2BQB0BUBgBcBshccChoIABIUcHViLTQ5ODk4OTIxNjg3Nzg0MTUYAA&sigh=yV84c2CqjNA&uach_m=[UACH]&cid=CAQSGwCNIrLMKj68uEdBE0N2fK8kBXhnxe4HLqgEhQ&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=8350989238&adk=92410651&adf=2170088206&pi=t.ma~as.8350989238&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=230&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XcyYynkltq&p=https%3A//www.croxyproxy.com&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 19 Jul 2022 20:04:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9349 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13b4caa06607d1b3db7546b924243dcfd5353c9f605db1d66f00cb04a0bb7380

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E806
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

106ms
93ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:10 GMT
expires: Tue, 19 Jul 2022 20:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2873 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:41:38 GMT

GET
H3 200 13349439401667314574
tpc.googlesyndication.com/simgad/ Frame B44B 45 KB
45 KB 31ms
30ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13349439401667314574?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmJsktqWdF3J-2AU6pbQVeZF4M8Kw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=6586196016&adk=879348656&adf=399592571&pi=t.ma~as.6586196016&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048882&bpp=4&bdt=340&idt=185&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=6082819289803&frm=20&pv=2&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JVOZYnmFFh&p=https%3A//www.croxyproxy.com&dtd=199

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e61f04ea795a27a75e1fa93d276cba291bd1066bc87cc321bb13988a659f860c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 11:03:56 GMT
x-content-type-options: nosniff
age: 464414
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45936
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 10:00:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Jul 2023 11:03:56 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame B44B 21 KB
9 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:29:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8695
x-xss-protection: 0
server: cafe
etag: 18278475684918935672
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:29:09 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame B44B 3 KB
1 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:52:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 680
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:52:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B44B 137 KB
42 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43203
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1658144321100200"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 20:04:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame B44B 17 KB
7 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
server: cafe
etag: 17958847364917198933
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:32:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame B44B 30 KB
12 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe0dd527489b9ada352a33c4c98447e0070705bc816dfb87f3b008fb8ff5514a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:42:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1324
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12705
x-xss-protection: 0
server: cafe
etag: 7888163778620344625
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Aug 2022 19:42:06 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B44B 0
0 64ms
63ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cg81uOQ7XYrSGCYSI9u8Pga64iAHDqd7kasj3xKDED9nZHhABIIqNiwlglaqzgsAHoAGs8ri_AcgBAqkCzsLbuZQoCj6oAwHIA8kEqgTZAU_QzxOZXUBGZJfZwy8PaEMBpsvUPz1sZ-AmnTnOu8xeSwjmZngffrFMO1FYYJkWegqV0PGLZIg-k7z0JdDEMdZO2T_hlCBnMTiJwrVdV_RudaJn1FmYQzXXnQmkl8PXXHp_In8JH4SU1kabcsKNKoUPw1GPYtEDBmL00gGx7jt27NggOv0I2JqYvkxU_4dORbv58JRqhPhK3vbljGeQEwNJRPbVPQV5fFHoatp7oj7pSMubNBfm-CulHpAYKGDZY11yDbyjQdhAVY2gTyCVpl1SRdVC_29TrS7ABMfW6sfeA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAe8jcfAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO-WCNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTQ5ODk4OTIxNjg3Nzg0MTUYAA&sigh=RFoL30aTRX0&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=6586196016&adk=879348656&adf=399592571&pi=t.ma~as.6586196016&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048882&bpp=4&bdt=340&idt=185&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=6082819289803&frm=20&pv=2&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JVOZYnmFFh&p=https%3A//www.croxyproxy.com&dtd=199
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 19 Jul 2022 20:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9349 41 KB
15 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 08:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 08:18:39 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-4g5e6nsr.c.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9349
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r3---sn-4g5e6nsr.c.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

101ms
20ms

Fetch
video/mp4

2a00:1450:4001:63::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-4g5e6nsr.c.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55E26CD6528B9CA626C6A323B56D25E72A97BD5A.79B36F4155C20FE9952A34DBF5CDFD53D2CDEDAE/key/cms1/cms_redirect/yes/mh/3f/mip/2001:1b60:1010:3:1011:899:8413:dda1/mm/42/mn/sn-4g5e6nsr/ms/onc/mt/1658259666/mv/u/mvi/3/pl/29/file/file.mp4

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:63::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 19 Jul 2022 20:04:10 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2332923
Last-Modified: Tue, 28 Jun 2022 12:47:02 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 19 Jul 2022 20:04:10 GMT

Redirect headers

date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r3---sn-4g5e6nsr.c.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/55E26CD6528B9CA626C6A323B56D25E72A97BD5A.79B36F4155C20FE9952A34DBF5CDFD53D2CDEDAE/key/cms1/cms_redirect/yes/mh/3f/mip/2001:1b60:1010:3:1011:899:8413:dda1/mm/42/mn/sn-4g5e6nsr/ms/onc/mt/1658259666/mv/u/mvi/3/pl/29/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 9349 0
17 B 135ms
63ms Ping
image/gif 2a00:1450:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l5sltb0t&c=1479712991453&slotId=739856495726.5&qqid=CLCPn-bfhfkCFRkdewodce8LJA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=736&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.qd
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AD0E 143 B
163 B 20ms
20ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=6586196016&adk=879348656&adf=399592571&pi=t.ma~as.6586196016&w=336&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=336x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048882&bpp=4&bdt=340&idt=185&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&correlator=6082819289803&frm=20&pv=2&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=452&ady=455&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JVOZYnmFFh&p=https%3A//www.croxyproxy.com&dtd=199
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3201
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 19:10:49 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B44B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2d5b3272292d40974cddc95fe948b8c52fe78290f9fc83f98cc942a4b695ec7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame A61B 23 KB
9 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 34702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 10:25:48 GMT
expires: Wed, 19 Jul 2023 10:25:48 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AD0E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

80ms
79ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:10 GMT
expires: Tue, 19 Jul 2022 20:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 19 Jul 2022 20:04:10 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A40 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:41:38 GMT

GET
H3 200 E2dGzQBU3-hFQzCJ1SK9yR3-Nqj68cGhnayTXqjoLgQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A61B 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/E2dGzQBU3-hFQzCJ1SK9yR3-Nqj68cGhnayTXqjoLgQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

136746cd0054dfe845433089d522bdc91dfe36a8faf1c1a19dac935ea8e82e04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 19:34:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13706
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 19:34:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A61B 0
20 B 56ms
56ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BAZeEOQ7XYo3UPKfNxgKQkIfQBAAAAAA4AeAEAg&bg=!VFelVxPNAAZlvz3gRb87ACkAdvg8WsBbiFaXKIY0kLOJHEyEQpxK_jpK3muNwd7opN1jGY5F_M4Q9gIAAABPUgAAAAJoAQcKAElvsyc5pBjHyF7Y_vI524Ey9X1u-fivepgZ-Rviy5G-ibONJyH6mHPPMvYM0XDnpInsZQlKONcS3T_4TEfV0b7d1PL1XyK6sThJmQK7OhAxJ1T9ZY-fVuX6IGBE-3hb0aSOfMicGvgaw3demnjeJEQnShVNy9JJ1u3X0O3yKOCHEvTidImOQq50p0Mo0_YC_ANagfim0SIdr2sZkqg_hyU2wjMX8zmVlo_P2oWVROcqWMQhokiyu-2aeuXfy-n9mZDm7BbCVhOfStIqJdEECK58cPO2f-mNY-EeapGIlYBqQtA0_9TKyMDDq9aw_28zs2XCaUGc5PMq15VBF1qFDWBxGJhC7rDKPhrraKxm652XBkU-DaanRALj4XrokBY53LVYE0r8hUl4l6oPLUQyetx7rhMQE-D75mR7Yv3hLozketLdvomvms5o5BOenxfSn9dG6NQtsDzORMxywh_Fw0VUVNQLo-NcWnHnKA6lZfyqKW7BMpphhZZtCybjDzt1TfgA75xZEOi4RISQ0ViXDsNFWm4PC8BIe2sF4l3Cc48PJFbowlEJFw0cz7XZjLpTAVN-_TwRZpwqjBD0dKKXr1QHTxi4YwRXt4Cbcou7SEIN3xXZrXZDzI6r5gzKWZkcqdlaehvjQZYmasMCfTjBcWTf7V1dw8x_nzVQvc6itxLukj-orNo15o-86LHQ-r_LrY2_ZqgFr34DZKMSaMVUjGc7gpuU7z2pl9oI8bREZ33k03zcvwh9xONGVLe7AYQB1xcI3W_xo9ufWEaP1S9HFbyEEK62AgEacRwZFo8qFwmGl5Z-ryjymUSiTArdXkQOaytChIfBSnNi4tyVxQIA1SHm6SoDeJeI5NWtevDi4ocq99qagnspGeL2Q_Q78HABf72dqHugQ_3H4cksFTifzpm-pQXhxBIZFTC2xuDezaPEUo2QJqsRxM21WMLCJGNtPXmz5CJmkQc-KD5dplAF5z6BXvTNgvdbvvqnMG-ZlsiL4EgFezu4z3KjzMUsepnzfi4gPEIJvRhd

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r3---sn-4g5e6nsr.c.2mdn.net/videoplayback/id/42720a6f925d66fd/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3800868504/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9349 2 MB
2 MB 44ms
21ms Media
video/mp4 2a00:1450:4001:63::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.croxyproxy.com
URL: https://www.croxyproxy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:63::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ff043bbec7f561560586e38eab02c3fe05508da36a123a1313f9a7c59921c700

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2332922/2332923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2332923
expires: Tue, 19 Jul 2022 20:04:10 GMT
last-modified: Tue, 28 Jun 2022 12:47:02 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H3 204 csi
csi.gstatic.com/ Frame 9349 0
17 B 63ms
63ms Ping
image/gif 2a00:1450:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l5sltb6f&c=1479712991453&slotId=739856495726.5&qqid=CLCPn-bfhfkCFRkdewodce8LJA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=736&mt=video%2Fmp4&vs=720x720&ple=1&umsem=0&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fgcdn.2mdn.net%252Fvideoplayback%252Fid%252F42720a6f925d66fd%252Fitag%252F346%252Fsource%252Fweb_video_ads%252Fctier%252FL%252Facao%252Fyes%252Fip%252F0.0.0.0%252Fipbits%252F0%252Fexpire%252F3800868504%252Fsparams%252Fid%252Citag%252Csource%252Cctier%252Cacao%252Cip%252Cipbits%252Cexpire%252Fsignature%252F329BFF2BC8B712795DC1BAE77A3462FF5B7B9728.6692B305700B6C8DC21691B142677512921A1F32%252Fkey%252Fck2%252Ffile%252Ffile.mp4&encoded_body_size=0&transfer_size=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 82ms
38ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220718&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8852fce88538d0d49c1e0f01353d5855d06484b3608b117d2a6373ef19e76d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 19 Jul 2022 20:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11044
x-xss-protection: 0

GET
H2 200 dc_oe=ChMIzdTR5t-F-QIVp6ZRCh0QyAFKEAAYACCigo9TOhoI4q-i2QIQ8I3QnZwEGKGR3-ADIMG1seetEEITCLCPn-bfhfkCFRkdewodce8LJA;dc_rmcid=CAASBORoXkg;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D929%26v%3D20220711%...
ade.googlesyndication.com/ddm/activity/ Frame 9349 42 B
494 B 122ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzdTR5t-F-QIVp6ZRCh0QyAFKEAAYACCigo9TOhoI4q-i2QIQ8I3QnZwEGKGR3-ADIMG1seetEEITCLCPn-bfhfkCFRkdewodce8LJA;dc_rmcid=CAASBORoXkg;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D929%26v%3D20220711%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D957490499%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1658261050411;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9349 42 B
64 B 32ms
32ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnE40OQ7XYvCOCpm67APx3q-gAqaU5fBqwbWx560Q8C4QASCKjYsJYJWqs4LAB6AB6pHKpwHIAQWpAsefYJWkNLE-qAMByAObBKoE9wFP0HzPD1pSCIHTQdXUXEKnn_1Nr4IE5KsbrHXekNRNPSMVNO5Y-DvvQ36YzqSN-iJtR13po7q-zSIYwm27f_3bxRrE-dYpb4ImDBAP9Tt0GBw_bzjX2ualreDwOHXzEgQJ-JUmZmSUVCVKH7ErqmvaaPRkA3FJaqRjqqPU9q_ONkIZkhZkyJlIRpWD38KCY2IDg5iNol6sOh1jmIpFhtyBtbjToW99O0V4Syr6MYxtKw-YXtgmYG_z0cv0mWxFvbbHn-m987XoYa6-35t-Z1Ed4YXGk065SyoNpVEnphe9UFRg8HFsJQr4AFmdfbTnVrlYexDv6StjwATwjdCdnATgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOEhdcPyBOhkd_gA9gTCogUPtgUAdAVAfgWAYAXAQ&sigh=U8eUrJTOFE4&label=part2viewed&ad_mt=5&acvw=sv%3D929%26v%3D20220711%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D957490499%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1658261050411

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=8350989238&adk=92410651&adf=2170088206&pi=t.ma~as.8350989238&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=230&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XcyYynkltq&p=https%3A//www.croxyproxy.com&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9349 0
622 B 149ms
67ms Image
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstT-JV7BCZkb6MwrI6dmA_abbMwMwdJTkSaN_yHp6-9-DoFSDcAlK_ZsuS8eJajETOdJqIk6zdh8tfmdBjJbKt_AWzvGmDbVf0R_5KBEGE9r5MErCsfuawSgOJqycccEb3dxa8cFRzpXklHS1GOEYKOL9RUCPAz1_VKBWF2aOSdChChHg4KYeWcyp6g2GEfvLkjDDPMmH5TF0hHECbo3VZ7t--3BemN4asUxNC_SqE-qx5XiyFn2Lbk9ZfATWS8P4awoLrSJUsq9Dkm4FZSdN-gIJGgtz4dIK-p7XFNr3BCXnLp0KN5MBgPvm8O1_-JhV_i-e24pVlw6C-Y_h0f0Y_hLsGWyZWum0_KuZBR-nCw7lPMdw_uF68BqlGkjzDU5CHX2_Cngo_UkxSdKEnzmiZtG_lSOCPu_7py7rYGghporTMwk6d-3kXcixPv3c-asGFM-UHisE3DyF2IeV8XwZ9V0un639uMtOZA7uubulFsJW1PCcNFqH3o3Dkf6eUQru45D-jEkTciCnvUmyVJXWfP9y5syTFToTWo3quNz8Hn7Xei-npmkcUsVA60RmXWGMLw1IqDGTnfP38UXUV57773eOu_Md57wPvNmxm-WtyQAxHJdveFAXAxRAvNKR6D5MpBZW1YTKuBMEJH8G4A42oLiyYurFNOoKE2z6Vvs47Bl6ugDUbkun17_YretrqZMascppSTpScPfq0Ckt9GCiiJR1S2pGnNQUZcAFl2oghxAsSDtddDYHXCfRP00FwnihQ7pAOS-I3p1ZW31InskUoZyW_2sWB1Q5qhTThz4y9kvlaSfACZeCroBDAPHIP33oUkNK3F9Kzzdyzr2iI7YMqfvxD_MalP9JB4fXp5rbZxL9tgYv2Eb9S79giYGyB72RZFJZCfi4w9HEro7Nmt4juBVHUcHQp2rIVfYALv_BGWChprTsi5yQyEnkIkLUtSUF7NqTGDm_tcbOYDsbxSE9U_DBI7oR6Zi8YWO07vr97Tv4rROxakvVZHeCLLA-GBmQITyVTZMssoojLO8HtqrHbSsRKFISF1oTmmcArUZlp7ffR6jX_5GNlCpRqPjkkOR2N4o7d1iGnTlGOqop0ueEEQqkNkKSn_oLy9rL589lr3uikpSq75Hn9Tu1dkIgsYAHLtdi29NvuFfUSIgKCvrmmrcThwO5iQJ92xEe5M3bRZubz9TNUlCNQ7xNTPAoFz&sai=AMfl-YR9WJfoBzSNoAqSwEZk8VCt_GsmFLzlGhqEffM8koTQPk-s-WTUtS-1Jiy34d1MHDujxa1Lmg_Q-JDQbOEV-vnuyxfo_tJZ9Ey9N71-0XLhYOELSnaCzCvA7MgtZHoIuaWBLNjm7vewQUeYMKUqUp67Q6XaFVc&sig=Cg0ArKJSzJUDPPwGnuM2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 19 Jul 2022 20:04:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 pixel
googleads.g.doubleclick.net/xbbe/ Frame 9349 0
16 B 33ms
31ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvIn8kCEOKvotkCGKy-os4BIAEwAQ&v=APEucNWYTPOuaXdpC2MVQFHhGCAVig_Ca6IEnp2iB_6fdfVLMy6fSv8u45lSWmmagl_YDCe69zD_pS1TH3yqGGrkn42b7dMRkw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=8350989238&adk=92410651&adf=2170088206&pi=t.ma~as.8350989238&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=230&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XcyYynkltq&p=https%3A//www.croxyproxy.com&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9349 0
20 B 54ms
53ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIzdTR5t-F-QIVp6ZRCh0QyAFKEAAYACCigo9TOhoI4q-i2QIQ8I3QnZwEGKGR3-ADIMG1seetEEITCLCPn-bfhfkCFRkdewodce8LJA;dc_rmcid=CAASBORoXkg;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D929%26v%3D20220711%...
ade.googlesyndication.com/ddm/activity/ Frame 9349 42 B
107 B 121ms
58ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzdTR5t-F-QIVp6ZRCh0QyAFKEAAYACCigo9TOhoI4q-i2QIQ8I3QnZwEGKGR3-ADIMG1seetEEITCLCPn-bfhfkCFRkdewodce8LJA;dc_rmcid=CAASBORoXkg;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D929%26v%3D20220711%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D957490499%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1658261050411;ecn1=1;etm1=0;eid1=200101;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9349 42 B
64 B 58ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvO889r8lTA4DLhXhbhuA6tvqaVHRFOvwmLvG7CjJIph318w_-5TlCrZ2KRr2db4I6dFvKld4TnqiGkkaoQKe8Jfy-I16qFSeUG9o6xlQCSN_-IlrC6Aw_R0XUU3LOEM30xufBbPSem4BAz&sai=AMfl-YTaqeRDF0Ry3-NxQnXszclU5NhyVkwn6z6cQ_2GsWRjX_INzSdgcCXG21w9LRTBQgAa-XltJ0o8LN00&sig=Cg0ArKJSzN1EANrIiMQjEAE&cid=CAASBORoXkg&id=lidarv&acvw=sv%3D929%26v%3D20220711%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D957490499%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1658261050411&avm=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 9349 42 B
64 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CnE40OQ7XYvCOCpm67APx3q-gAqaU5fBqwbWx560Q8C4QASCKjYsJYJWqs4LAB6AB6pHKpwHIAQWpAsefYJWkNLE-qAMByAObBKoE9wFP0HzPD1pSCIHTQdXUXEKnn_1Nr4IE5KsbrHXekNRNPSMVNO5Y-DvvQ36YzqSN-iJtR13po7q-zSIYwm27f_3bxRrE-dYpb4ImDBAP9Tt0GBw_bzjX2ualreDwOHXzEgQJ-JUmZmSUVCVKH7ErqmvaaPRkA3FJaqRjqqPU9q_ONkIZkhZkyJlIRpWD38KCY2IDg5iNol6sOh1jmIpFhtyBtbjToW99O0V4Syr6MYxtKw-YXtgmYG_z0cv0mWxFvbbHn-m987XoYa6-35t-Z1Ed4YXGk065SyoNpVEnphe9UFRg8HFsJQr4AFmdfbTnVrlYexDv6StjwATwjdCdnATgBAOQBgGgBk6AB_7ttdgCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBOEhdcPyBOhkd_gA9gTCogUPtgUAdAVAfgWAYAXAQ&sigh=U8eUrJTOFE4&label=vast_creativeview&ad_mt=5&acvw=sv%3D929%26v%3D20220711%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D20010%26vmtime%3D4%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D957490499%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1658261050411

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4989892168778415&output=html&h=280&slotname=8350989238&adk=92410651&adf=2170088206&pi=t.ma~as.8350989238&w=750&fwrn=1&fwrnh=100&lmt=1658261049&rafmt=1&psa=0&format=750x280&url=https%3A%2F%2Fwww.croxyproxy.com%2F&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658261048887&bpp=1&bdt=345&idt=230&shv=r20220718&mjsv=m202207130101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C0x0&nras=1&correlator=6082819289803&frm=20&pv=1&ga_vid=1720127308.1658261049&ga_sid=1658261049&ga_hid=1560700570&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=425&ady=826&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763505%2C31068390%2C42531606&oid=2&pvsid=4414199030543765&tmod=708258018&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=XcyYynkltq&p=https%3A//www.croxyproxy.com&dtd=233
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 9349 0
17 B 62ms
62ms Ping
image/gif 2a00:1450:4006:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~l5sltbdo&c=1479712991453&slotId=739856495726.5&qqid=CLCPn-bfhfkCFRkdewodce8LJA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=736&mt=video%2Fmp4&vs=720x720&dm=20000&event_name=first_play&asset_bytes=219339&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=1&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.103~videopreviewstarted.105
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220711_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4006:808::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 20:04:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05F0 13 KB
5 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1760
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 19:34:50 GMT
expires: Wed, 19 Jul 2023 19:34:50 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6118 783 B
535 B 33ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9f570afb5f9770b2fb2ba8938b4bab9619dddd987611fddaf0a5a91ab37d8242

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RZROTZZqstHMKY8kqgJDoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.croxyproxy.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-RZROTZZqstHMKY8kqgJDoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 19 Jul 2022 20:04:10 GMT
expires: Tue, 19 Jul 2022 20:04:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js Show response
pagead2.googlesyndication.com/bg/ Frame 05F0 36 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jb5du1wVqba4or3nurh6HQr9svaNG92rNWcoGauPISE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 16 Jul 2022 18:41:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13868
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 16 Jul 2023 18:41:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6118 0
0 119ms
118ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220718&jk=4414199030543765&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 05F0 0
9 B 21ms
20ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BiKGCA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 20:04:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E323 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsN_PdDaWtq8uHNX-K2m2h_BMnYBiwpdKBuQbTAy_NmG1ZY3PZH8SmLB882d6VDbxmgBx5JrMUlfbN_dnRvJmu_kkZ5IfHPAb_aL0uNV7z1GDPBnMmZyI0VcqRavSb-fPeYvzkUT1TXm5I&sai=AMfl-YQ9U6Q9b2KhruAbibAMTFzDbVo8uzU-NagA7me6X9AvSxP3zbwv7a_fDo0hBurV8N8tlLJrq2hwFm26&sig=Cg0ArKJSzFAGRGCcWDdTEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=250807456&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658261049096&rpt=863&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 160B 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu38QR8dWRu_cBgXsNTaYG1WU_4nxAmzyDWa0_UmRHf5DI-OYr1gWcjyT8ExT-vSI20U4QJe3jLDCdGmOs8tx-O-m-p8JhkZysIJAGIHU3DFBn9Qs86ZvgW9002sDnEpJXmpCZSVHquSFbA&sai=AMfl-YQKaIqDZaKolikyHMcEYMTaizKmg4VXV7LLqfQI9rZQqLktCjb-FCbWaA5rmMF8ovJuI-9qcHXW-gAT&sig=Cg0ArKJSzM1yEt4bICtrEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=127,811,1000,1134,1134&tos=127,684,189,134,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658261049638&rpt=262&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B44B 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssVdlseqVupZe-vFi4ip3txLHZ52Ad9flXPOJYifcuelSX4VcUZjWG_IZaz8e4VSrrrHgI3ZAlXQ06rjRAI6cK-fTkI4Ko7ifp9M9xsTBu9hprBnVkugbec9UWEnNma5q7NWUWyvg9FCEeV&sai=AMfl-YRKJVJlG69jFK_monMJ4YefnrMQAPFjClV6YpmdXezLuuXasTQ2VCvoq-zZE_LzTz2UhQOh5cpOBDE6&sig=Cg0ArKJSzPMtjTHqpuXzEAE&id=lidar2&mcvt=1001&p=0,0,280,336&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=879348656&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658261049083&rpt=1024&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 89ms
89ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220718&jk=4414199030543765&bg=!7e6l7qrNAAZlvz3gRb87ACkAdvg8Wkr_53Kl28reauRZ0Ve71Qvkc_1gXwPoIAatnyQXEVgFI52i7gIAAABQUgAAAAJoAQcKAKLlffTt07Ga0dw1Sq2GeIMnAiMKNYKwRcWqG1dBNaNAzgqQuuKXGi1bIs3fkVn91o42YtWvs98YRL4uzyLfh_sXxlecpaSaFsyzacPTIT_e2htBpi98kL0g9hbQaOai8_jsZ3UyrUzupeq3SioLWm7n070_VxXMqVZd9XyINlvXkmBGUd9wocbiwWgrkN2sNmkbA-LOglDmuMMBjzZluT8nMoGZApnkLsPA5tAJjDcErlP9hk8xWZ53vJ1d4QXk_mBFxZI08EIdNVA1A5Y3SCod5oBPEyVRGZEXJ-pwZ5emLkpvTdHjm5ZE6Lqof3zdRCsYZP9v9v3W5j1nzXd1S9uFSbURzSdgHkie_MglU9wPkMyN7U0g_UjFN3R61STB_MLR3D7OhStdHWOgpLNONp7CyMGi9dM4SLN6FjE33WdkmIvzX6qzXCytTywitfxSYSG2YPBIOjiKiTYY3TRXytcXu1dEoJo70Zh34c78DMIi_5VJs6xKFkcwddASJk-l-ClnTQ5uDgzU-Ash2cURx0iWqeXT-jjN6ryxT7AwU76kpNGLpCAg_7PuLs5QaF_HBvaTj3OmEMvtfisNvYF4e980V3kV1nJZqlOgy48Ij5xi-HPjouasZCe2hMbPv5ZkodNEdSkOF47AujTkRnHWekuIIskKaPOP6pyRySqbz0bXUkfPgaxWaI93f98IaIPNZZJQFykZDY0G10qj-T6dUZOCXJkrGkbcIuH_2vts9o9aL6Z1JC83FiBkF-9mBssWD0dMcsR5eFT96u9EOkRObOaOTFyXSXc-I63Q3Ikp8zU8CUcUWhuocr3joQrQe2qbzc2WxVXxyVPNDhDllGInmKwntdQCOi3N4YWkWC0Edo0uZj7w9U_it93j4Ozo6Lkhtuo9prt33C0iv29gUOOLumVr3H-TV62jRANxKQVF5gRwkr_6USVxPkqpOfdVzrffFK6j3ouMad55U-pqZjlPzQpsKWihyqIoeDiM9OgZBePZ9QFEvc62SStHtC2BWzPDoMErk6uJWpFgv3YM-2InTEMnLS-ahn1H5Yl-WIqC3bT6Q8oLgwslmw0LdLYeQycfafBnhz96LOfGwJPlHwtPlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.croxyproxy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 dc_oe=ChMIzdTR5t-F-QIVp6ZRCh0QyAFKEAAYACCigo9TOhoI4q-i2QIQ8I3QnZwEGKGR3-ADIMG1seetEEITCLCPn-bfhfkCFRkdewodce8LJA;dc_rmcid=CAASBORoXkg;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D929%26v%3D20220711%...
ade.googlesyndication.com/ddm/activity/ Frame 9349 42 B
63 B 97ms
57ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzdTR5t-F-QIVp6ZRCh0QyAFKEAAYACCigo9TOhoI4q-i2QIQ8I3QnZwEGKGR3-ADIMG1seetEEITCLCPn-bfhfkCFRkdewodce8LJA;dc_rmcid=CAASBORoXkg;eps=CIDhgBAQARgfMgKqAjoCgEA;met=1;acvw=sv%3D929%26v%3D20220711%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,242,273,508%26tos%3D2004,0,0,0,0%26mtos%3D2004,2004,2004,2004,2004%26amtos%3D0,0,0,0,0%26mcvt%3D2004%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2166%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D20010%26vmtime%3D2171%26dtos%3D2004%26dtoss%3D1%26dvs%3D2004%26dfvs%3D2004%26dvpt%3D2166%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D957490499%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2004;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1658261050411;ecn1=1;etm1=0;eid1=200000;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9349 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvO889r8lTA4DLhXhbhuA6tvqaVHRFOvwmLvG7CjJIph318w_-5TlCrZ2KRr2db4I6dFvKld4TnqiGkkaoQKe8Jfy-I16qFSeUG9o6xlQCSN_-IlrC6Aw_R0XUU3LOEM30xufBbPSem4BAz&sai=AMfl-YTaqeRDF0Ry3-NxQnXszclU5NhyVkwn6z6cQ_2GsWRjX_INzSdgcCXG21w9LRTBQgAa-XltJ0o8LN00&sig=Cg0ArKJSzN1EANrIiMQjEAE&cid=CAASBORoXkg&id=lidarv&acvw=sv%3D929%26v%3D20220711%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D7,242,273,508%26tos%3D2004,0,0,0,0%26mtos%3D2004,2004,2004,2004,2004%26amtos%3D0,0,0,0,0%26mcvt%3D2004%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2166%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D40%26pst%3D201%26dur%3D20010%26vmtime%3D2171%26dtos%3D2004%26dtoss%3D1%26dvs%3D2004%26dfvs%3D2004%26dvpt%3D2166%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D957490499%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2004&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1658261050411

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Jul 2022 20:04:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lmmpgfjnchldhcieiiegcpdmaidkaanb
URL: chrome-extension://lmmpgfjnchldhcieiiegcpdmaidkaanb/shared/images/test.png

Domain: djpehmepgepfpoiaendmglmnjmmfalio
URL: chrome-extension://djpehmepgepfpoiaendmglmnjmmfalio/shared/images/test.png

Domain: ckjnnmdnpicjmpmcheonhjhbhamjclhi
URL: chrome-extension://ckjnnmdnpicjmpmcheonhjhbhamjclhi/shared/images/test.png

Domain: haanbmjmhcofgngkioelkdablmmmbhoo
URL: chrome-extension://haanbmjmhcofgngkioelkdablmmmbhoo/shared/images/test.png

Domain: docbehmolikiogjomonmfieaidgfcbpc
URL: chrome-extension://docbehmolikiogjomonmfieaidgfcbpc/shared/images/test.png

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.croxyproxy.com/	1970-01-20 22:08:53	Name: _ga Value: GA1.2.1720127308.1658261049
.croxyproxy.com/	1970-01-20 04:39:07	Name: _gid Value: GA1.2.1996062922.1658261049
.croxyproxy.com/	1970-01-20 04:37:41	Name: _gat_gtag_UA_111548442_4 Value: 1
.croxyproxy.com/	1970-01-20 04:37:41	Name: _gat_gtag_UA_111548442_12 Value: 1
.addthis.com/	1970-01-20 14:07:55	Name: uvc Value: 1%7C29
.croxyproxy.com/	1970-01-20 13:59:17	Name: __gads Value: ID=051df2465e8b4218-22032835d1cd00f6:T=1658261049:RT=1658261049:S=ALNI_MZMoqDVUYfeG-1GpIHyTVR3cnmRUQ
.userreport.com/	1970-01-20 13:23:17	Name: __bpn_uid Value: db4b0d46-fe0b-4534-8014-ab0ff4f73095
.userreport.com/	1970-01-20 13:23:17	Name: __ur_i Value: 0
.userreport.com/	1970-01-20 13:23:17	Name: __ur_dc Value: 1658261049248
.adform.net/	1970-01-20 05:22:19	Name: C Value: 1
.adform.net/	1970-01-20 06:04:05	Name: uid Value: 7874544230180438437
.doubleclick.net/	1970-01-20 13:59:17	Name: IDE Value: AHWqTUk5RNZA7MYxkJU2LenAkqpzrfdMoJJuVLe99IekMs3UtOc3A_9Z5JoVzDGOcLQ
.addthis.com/	1970-01-20 14:07:55	Name: loc Value: MDAwMDBFVURFTkkyMzMzMTg4NTAwMTAwMDBDSA==
.doubleclick.net/	1970-01-20 04:37:44	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.croxyproxy.com/ Message: Refused to load the image 'chrome-extension://lmmpgfjnchldhcieiiegcpdmaidkaanb/shared/images/test.png' because it violates the following Content Security Policy directive: "default-src https: data: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.croxyproxy.com/ Message: Refused to load the image 'chrome-extension://djpehmepgepfpoiaendmglmnjmmfalio/shared/images/test.png' because it violates the following Content Security Policy directive: "default-src https: data: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.croxyproxy.com/ Message: Refused to load the image 'chrome-extension://ckjnnmdnpicjmpmcheonhjhbhamjclhi/shared/images/test.png' because it violates the following Content Security Policy directive: "default-src https: data: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.croxyproxy.com/ Message: Refused to load the image 'chrome-extension://haanbmjmhcofgngkioelkdablmmmbhoo/shared/images/test.png' because it violates the following Content Security Policy directive: "default-src https: data: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
security	error	URL: https://www.croxyproxy.com/ Message: Refused to load the image 'chrome-extension://docbehmolikiogjomonmfieaidgfcbpc/shared/images/test.png' because it violates the following Content Security Policy directive: "default-src https: data: 'unsafe-eval' 'unsafe-inline'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220718/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-4989892168778415&fa=1&ifi=6&uci=a!6&btvi=2&xpc=zwwHwtXyjq&p=https%3A//www.croxyproxy.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-eval' 'unsafe-inline'; object-src https:
Strict-Transport-Security	max-age=0 max-age=15768000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
adservice.google.com
adservice.google.de
audex.userreport.com
bid.g.doubleclick.net
cdn.blockaway.net
cdn.croxyproxy.com
cdn.userreport.com
cdnjs.cloudflare.com
cdw-dcl.userreport.com
ckjnnmdnpicjmpmcheonhjhbhamjclhi
cm.g.doubleclick.net
csi.gstatic.com
djpehmepgepfpoiaendmglmnjmmfalio
dmp.adform.net
docbehmolikiogjomonmfieaidgfcbpc
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
haanbmjmhcofgngkioelkdablmmmbhoo
imasdk.googleapis.com
lmmpgfjnchldhcieiiegcpdmaidkaanb
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
platform.twitter.com
r3---sn-4g5e6nsr.c.2mdn.net
s7.addthis.com
stats.g.doubleclick.net
syndication.twitter.com
tag.userreport.com
tpc.googlesyndication.com
v1.addthisedge.com
visitanalytics.userreport.com
www.croxyproxy.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
ckjnnmdnpicjmpmcheonhjhbhamjclhi
djpehmepgepfpoiaendmglmnjmmfalio
docbehmolikiogjomonmfieaidgfcbpc
haanbmjmhcofgngkioelkdablmmmbhoo
lmmpgfjnchldhcieiiegcpdmaidkaanb
s7.addthis.com
104.244.42.8
104.75.88.126
13.32.99.15
13.32.99.27
142.250.185.66
142.250.185.98
142.250.186.66
142.250.186.98
143.204.215.89
173.194.76.154
23.35.237.151
2600:9000:223f:1600:11:af01:b40:93a1
2600:9000:2315:a600:19:d208:7940:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:3031::6815:5aa7
2606:4700::6811:180e
2a00:1450:4001:63::8
2a00:1450:4001:803::2003
2a00:1450:4001:806::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4006:808::2003
2a00:1450:400c:c0d::9d
2a06:98c1:3120::3
37.157.6.246
64.227.120.231
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
069c81d3601088f444901b1efbed69d35a0594d021c55f7bd456df54a117ff31
09e298fd9b3051dfcab1ec4dc4931a9e476a0de10ce2a11db1a367ae6782f521
0d940ac7e8c3c49747d915c3ef7e6dc9d5b6d50f9f1184386ffb6e594f8c5503
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
10aabba53db37c57fc91cd84452a59ddb48c7c1e44b720d091f9a0fa600a4b50
136746cd0054dfe845433089d522bdc91dfe36a8faf1c1a19dac935ea8e82e04
13b4caa06607d1b3db7546b924243dcfd5353c9f605db1d66f00cb04a0bb7380
1774cf1666074c7bb9b378b2a6df98ab91703ad64163524822a6f6fa6941c384
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20a3ef6979bbe5e4de1afaecc703e1d34cbc5e3ceab36d378539506327692d72
25be5dbb5c15a9b6b8a2bde7bab87a1d0afdb2f68d1bddab35672819ab8f2121
268c53733cf6c4af20b7d8677b38317e500ba029c1b7b81911fb5b07dfe86c82
2f7f8fc77f71c162c7907a35dda7b01cc2d098685b2a1554e6514655911af8e8
37197965a09a027984d4287726afead602fd1483ef37907636026d5055cf8249
3eb33abcc9e17566662916a5dffff94c84a6819c2d20244a6acd54e47a9ec6bc
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
418f40e2f98d71f923f4be59df3b7e021a237a76105891c7d93fafb3f3090069
41c12262453783f916105c53e3513dcf49cfae58b805b09c92eeac8d43b8b022
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a4036eaa6a660030e4afbf38fbe1a8b6ce8d3731f11d30fbd88a511dd44942f
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4cfe75789fc7f1119379e9ed88ea21440c1572a0c2292f8e1ef9fc2f16074ec1
53e5ce9e8c434dfe1c2482d11d5aceffc05c4beb221c58f034cee6169e77feea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c2b1b052e39ff32c00f7f743274c3f853601a19cc0c194b4d392f82427a2b04
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67cd2d215dfe5c7b17cfa9b3ee43c744ae069d1aae2f0d371898a90f59b0876f
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b8117a56d756ce4021f0773d384069aac7187ab701e9226c5f78e355e304e6e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7275f0fb8158cedd2aca99a9bb760d297331473511835855cf2614badbef18ef
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d8c62049816b4a834204bb3a79b014f88a6c6dc916e7ab26abf0d40c2e69ed4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8600ac725c29cc9b3e0e71a22ad384e6c42a2f088c49bab84d366ff91bd63868
862979d831d09008de4b751f3b5536e24e66e3e4cca8c1e388e4bda68d69498b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c527240491ebcd30d2f3f131422d5a5d10a57da26d0f17b93fdd7ba7a3ec9f0
9464552e64337889ef3a9dc120396d91f87b2015ad60a8bc0b61d846839f28af
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9f570afb5f9770b2fb2ba8938b4bab9619dddd987611fddaf0a5a91ab37d8242
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ca3d513297f3d2ec676bcd89d5651dd83f4279251640f668c917c9e9997343
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a502f79cb5fa985d8b516eeb3b2ce66e500731cd1999e64b3bb1cb035e784f66
ac3c76afd5f27f1774dc0546d00f2f0791440da6c1dca5cb7fde7c4237df576f
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b09d436fe2c56cf42bb403f4ed2f6dd14ee897d4194c3b609f20ff604c9c3e59
b84e77cbaa895622c2fad9a99865ad9a9508c1fb370b72dad56a2829bbfc3eb7
bc53f2d02646c9adf5a0a2207aa37782253372565ec18928a849766f7a432772
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
c8852fce88538d0d49c1e0f01353d5855d06484b3608b117d2a6373ef19e76d2
c8b88111616dc58d757e3bdbd3057cc8bd8afc861f9e71bd29c74398d8b9d1e6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2967e52cf9203016a3c2559a0b72b2c061eb319c3b277cea34455d1d8b6e563
d2d5b3272292d40974cddc95fe948b8c52fe78290f9fc83f98cc942a4b695ec7
d2da1c50c107fee37262b07122a238fabd2dc78e6319a4699e1efc6f3b7f83a6
d60a64393c2cddc96ee641c63c946323bec501f57852db8397fb9a43bee430f5
d9a6e71441811bf8ad12d3fdd93bf7dc4a187a9de4982996189e90cd6ba295b2
dd73aaa40aaa3f68485ce0099ab91f2db304523f542b95da68397340d58d5c4f
ddbfe0b990100c27546b1fcf339d6a034f9f85d253782269626a47e970658860
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e32d9408acb2e2abd68a0c26aac3040d906f556cb6085626147b2e0a12cac19d
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61f04ea795a27a75e1fa93d276cba291bd1066bc87cc321bb13988a659f860c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f142b41ded989e7073c9bda8679c59a6cbe9fef877388e9c567947ac559f13a0
f57911de8027504c18f9a099e927b9ebbfbe7f2c299200569f93ebb2aac2abcc
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fb27dedaec7ab90d33283b1751e55cf6eeeb9ea3ee75c3ef567ec6df774420e6
fe0dd527489b9ada352a33c4c98447e0070705bc816dfb87f3b008fb8ff5514a
ff043bbec7f561560586e38eab02c3fe05508da36a123a1313f9a7c59921c700

www.croxyproxy.com Open in urlscan Pro 64.227.120.231 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

93 %HTTPS

64 %IPv6

21 Domains

44 Subdomains

34 IPs

5 Countries

4722 kBTransfer

9453 kBSize

14 Cookies

5 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.croxyproxy.com Open in urlscan Pro
64.227.120.231 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

93 %
HTTPS

64 %
IPv6

21
Domains

44
Subdomains

34
IPs

5
Countries

4722 kB
Transfer

9453 kB
Size

14
Cookies

147 HTTP transactions
8 data transactions